Ronald F. Guilmette, and lo! it spake thus:
>
> Here's my point: If you really have already managed to become the
> man-in-the-middle anyway, then couldn't you just dummy up any and
> all responses, including those for DNS, in such a way as to make it
> all appear to the victim that everything was "normal", you know,
> such that he can see the cute little padlock symbol to the left of
> the URL in the browser?

Dummying up DNS responses is probably the way you got the user to your site in the first place; that would often be easier than trying to intercept their TCP 80/443 web connect tries. But they're not gonna get the cute little padlock unless the browser is happy with the cert, which is going to mean either the user accepts it through the increasingly-irritating-and-dire warnings, or it's signed by some CA the browser accepts. So, you'd either need to get one of the umpteen common CA's to give you one, or sneak an extra CA into their browser (and if you could do that latter, you could bypass a lot of the spoofing work anyway).

--
Matthew Fuller (MF4839) | fulle...@over-yonder.net
Systems/Network Administrator | http://www.over-yonder.net/~fullermd/
On the Internet, nobody can hear you scream.
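
The point of the reply above, as an added example that is not part of the original message: whether a client accepts a certificate depends only on whether it chains to a CA in the client's trust store, so the store is what a defender has to protect and audit. All names here (`example.test`, `store_ca`, `other_ca`, the `.pem` bundles) are constructed for the demonstration, and `openssl verify` stands in for the browser's chain check (it does not check the hostname).

```shell
#!/bin/sh
# Added illustration; every key, CA and hostname below is a throwaway
# constructed for this demo.
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# make_ca NAME: create a throwaway self-signed CA (key + cert) under $work.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$work/$1.key" -out "$work/$1.crt" >/dev/null 2>&1
}

# issue_leaf CA OUT: certificate for www.example.test signed by CA.
issue_leaf() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=www.example.test" \
        -keyout "$work/$2.key" -out "$work/$2.csr" >/dev/null 2>&1 &&
    openssl x509 -req -in "$work/$2.csr" -days 1 -CA "$work/$1.crt" \
        -CAkey "$work/$1.key" -CAcreateserial \
        -out "$work/$2.crt" >/dev/null 2>&1
}

# padlock STORE LEAF: print "padlock" if LEAF chains to an anchor in the
# STORE bundle, "warning" otherwise. Chain building only, no name check.
padlock() {
    if openssl verify -CAfile "$work/$1" "$work/$2.crt" >/dev/null 2>&1
    then echo padlock
    else echo warning
    fi
}

make_ca store_ca           # stands in for a CA the browser already accepts
make_ca other_ca           # a CA the browser has never heard of
issue_leaf store_ca good   # certificate issued by the accepted CA
issue_leaf other_ca bad    # certificate issued by the unknown CA

# Stock trust store versus one that has had an extra CA added to it.
cp "$work/store_ca.crt" "$work/store.pem"
cat "$work/store_ca.crt" "$work/other_ca.crt" > "$work/tampered.pem"

echo "accepted CA, stock store:    $(padlock store.pem good)"
echo "unknown CA,  stock store:    $(padlock store.pem bad)"
echo "unknown CA,  tampered store: $(padlock tampered.pem bad)"
```

The same certificate flips from "warning" to "padlock" only when the trust store changes, which is why unexpected additions to a client's root store are worth monitoring.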