February 28th, 2014, 07:53 PM
Securing Client Server HTTPS Connection
I have a https connection from Client to Server and a malware in client. The malware modifies the message and compromises its integrity. I am using a proxy to check the Integrity of the message after the malware has changed the message and before sending it over the internet to the server.
Now, How can I check the Integrity of the message (Sure that it has not been modified by any Man in the Middle) for the second half of my communication channel(Which is from Client to the Server over the internet).
I see few conventional approaches of CRC or Checksum will help. But I am looking for some non traditional or upcoming approaches. I am new to this area and want to take expert advise about the direction I need to search for answer to my question.
Any pointers would be of great help.
March 6th, 2014, 01:02 PM
You need to wipe the infected device and re-install.
There is no other logical way
March 6th, 2014, 06:45 PM
further to Nihil's response, it IS the only way
UNLESS - you are postulating a theoretical scenario ?
so if you really DO have malware loaded, you HAVE to get rid of it first, and THEN you can look into ways of authentication
if this IS just a mind game you are working through, then you would still have to add malware removal as step one, because until that is gone, you just cannot trust anything coming from client, and, more to the point, if you have an infected client, why would you want it remaining on your system ..........
once you have a clean client speaking to yhour servers across your network, then you can contemplate other things, but reality is that once you have a clean system it will be transmitting / receiving good data anyway, as part of the built in standards that are incorporated into the transport portocols already
odd question when you start to look at it in a mind games way :?
55 - I'm fiftyfeckinfive and STILL no wiser,
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
March 7th, 2014, 09:19 PM
Hi Foxy~ I hope that you and yours are well,
This is a strange question indeed?
If I am using a proxy to monitor the integrity of the message then the proxy must be clean?...................so the second half of the transmission must be clean also? assuming that the proxy has cleaned it?
But why?.................I guess I know why I didn't get that job at GCHQ
By Natasha69 in forum AntiOnline's General Chit Chat
Last Post: December 22nd, 2002, 05:28 PM
Tags for this Thread