-
September 30th, 2009, 09:01 PM
#1
SSL Survey
I'm speaking at SecTor (www.sector.ca) in Toronto next week and I'm trying to collect some data on perceptions of SSL from various target groups.
I figured I'd post an additional survey here -- http://www.surveymonkey.com/s.aspx?s...ShsDD1NA_3d_3d
The data will eventually be released on SSLFail.com following the conference.
-
October 1st, 2009, 02:42 PM
#2
SSL has been a sore subject in my organization. We had a pentest done before I was hired and the pentesters had used bot which was emailed to a user and they were tricked to install it. Once installed, it communicated over SSL using a self signed certificate. The answer to fix that was to block access to ALL SSL sites and to permit only those that had been inspected by IT.
As you can imagine, this caused a huge amount of overhead on the network admins as they had to check out every SSL site. All the while, there was no proxy/content inspection for normal HTTP sites and all that traffic was allowed through.
When I saw this was happening, I was amazed that this was their answer. To me, it was just a waste of time. As it turned out, they were using a sonicwall firewall which has SSL control which allows you to block untrusted CAs, weak SSL ciphers, self signed certs, etc. Then just white list their domain if they are ok to use. I setup this feature and implemented a Bluecoat SG Proxy with SSL inspection.
There are several other layers that I've implemented but they have to do with antivirus/firewall and local access, so they are not relevant to this discussion.
http://www.sonicwall.com/downloads/2...ure_Module.pdf
http://www.bluecoat.com/news/pr/202
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
Similar Threads
-
By Paws in forum AntiOnline's General Chit Chat
Replies: 6
Last Post: November 25th, 2005, 06:29 PM
-
By zencoder in forum Miscellaneous Security Discussions
Replies: 6
Last Post: February 5th, 2005, 07:25 PM
-
By SDK in forum Miscellaneous Security Discussions
Replies: 1
Last Post: June 11th, 2004, 03:49 PM
-
By invader in forum AntiOnline's General Chit Chat
Replies: 2
Last Post: May 15th, 2003, 03:18 PM
-
By bimmer in forum Tech Humor
Replies: 2
Last Post: November 24th, 2002, 06:10 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|