Results 1 to 4 of 4

Thread: Securing Client Server HTTPS Connection

  1. #1
    Junior Member
    Join Date
    Feb 2014
    Posts
    1

    Lightbulb Securing Client Server HTTPS Connection

    I have a https connection from Client to Server and a malware in client. The malware modifies the message and compromises its integrity. I am using a proxy to check the Integrity of the message after the malware has changed the message and before sending it over the internet to the server.

    Now, How can I check the Integrity of the message (Sure that it has not been modified by any Man in the Middle) for the second half of my communication channel(Which is from Client to the Server over the internet).

    I see few conventional approaches of CRC or Checksum will help. But I am looking for some non traditional or upcoming approaches. I am new to this area and want to take expert advise about the direction I need to search for answer to my question.

    Any pointers would be of great help.

    Thanks,

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi,

    You need to wipe the infected device and re-install.

    There is no other logical way

  3. #3
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    further to Nihil's response, it IS the only way
    UNLESS - you are postulating a theoretical scenario ?
    so if you really DO have malware loaded, you HAVE to get rid of it first, and THEN you can look into ways of authentication

    if this IS just a mind game you are working through, then you would still have to add malware removal as step one, because until that is gone, you just cannot trust anything coming from client, and, more to the point, if you have an infected client, why would you want it remaining on your system ..........
    once you have a clean client speaking to yhour servers across your network, then you can contemplate other things, but reality is that once you have a clean system it will be transmitting / receiving good data anyway, as part of the built in standards that are incorporated into the transport portocols already

    odd question when you start to look at it in a mind games way :?
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi Foxy~ I hope that you and yours are well,

    This is a strange question indeed?

    If I am using a proxy to monitor the integrity of the message then the proxy must be clean?...................so the second half of the transmission must be clean also? assuming that the proxy has cleaned it?

    But why?.................I guess I know why I didn't get that job at GCHQ

Similar Threads

  1. Connection to HTTPS server Timed-Out
    By Natasha69 in forum AntiOnline's General Chit Chat
    Replies: 2
    Last Post: December 22nd, 2002, 05:28 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •