Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.
 
PerlMonks  

Re^2: HTTP::Proxy SSL Man in the middle

by morgon (Priest)
on Aug 20, 2010 at 02:16 UTC ( [id://856165]=note: print w/replies, xml ) Need Help??


in reply to Re: HTTP::Proxy SSL Man in the middle
in thread HTTP::Proxy SSL Man in the middle

Something like this is actually done in big institutions.

Some year ago I did a project in a big bank in Switzerland.
Pretty much everybody there was using the "official" Internet Explorer. The funny thing was that when you used Firefox you got warnings on ssl-secured sites that the certificate did not match the domain-name. In fact it turned out that their proxy just returned a self-signed certificate and the "official" Internet Explorer had been modified so that it would silently accept this certificate.

So in effect they had a man-in-the-middle with hardly anybody noticing it.

So if you want to do it yourself the important thing is that you must be able to control the browser (and I assume that if you can force your users to use IE you're already halfway there).

And as an aside: Never trust the browsers that are rolled out by the IT-departments of big organisations.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://856165]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others contemplating the Monastery: (4)
As of 2024-03-19 03:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found