Re: sniffing SSL (was OT: mod_ssl (apache) log entries -- wtf?)
On Thu, Feb 20, 2003 at 12:45:59PM -0800, Vineet Kumar wrote:
> Is there an easy way to decode a snarfed SSL session given
> that he has the server's private key? Theoretically it's
> possible, but I wonder if any of the popular sniffing/IDS
> tools facilitate it.
but the odd part is, they didn't just come in from the top
(first uri was not "/"). it reflects either a) the result of a
prior drill-down or 2) an exact echo of my previous request, but
somehow coming from outside in the internet.
my lan is set up like this
workstations
192.168.1.*
|
192.168.1.5
firewall
192.168.0.5
|
192.168.0.1
server
11.22.33.44
|
internet
my requests were encrypted (https) from 192.168.1.* and were
directed to the public interface of the server box, but from
inside the lan. no traffic ever crossed the server/internet
threshold. what gives?
--
I use Debian/GNU Linux version 3.0;
Linux server 2.4.20-k6 #1 Mon Jan 13 23:49:14 EST 2003 i586 unknown
DEBIAN NEWBIE TIP #113 from Sebastiaan <S.Breedveld@ITS.TUDelft.NL>
:
To CHANGE FROM FIXED TO DYNAMIC IP ADDRESS is simple:
just edit /etc/network/interfaces and if eth0 is the interface
to change, use:
iface eth0 inet dhcp
That should work. See 'man interfaces' for more information.
Also see http://newbieDoc.sourceForge.net/ ...
Reply to: