Security team successfully cracks SSL using 200 PS3's and MD5
Dragos Ruiu
dr at kyx.net
Sat Jan 3 02:32:01 UTC 2009
On 2-Jan-09, at 9:56 AM, Robert Mathews (OSIA) wrote:
> Joe Greco wrote:
>> [ .... ]
>>
>> Either we take the potential for transparent MitM attacks seriously, or
>> we do not. I'm sure the NSA would prefer "not." :-)
>>
>> As for the points raised in your message, yes, there are additional
>> problems with clients that have not taken this seriously. It is, however,
>> one thing to have locks on your door that you do not lock, and another
>> thing entirely not to have locks (and therefore completely lack the
>> ability to lock). I hope that there is some serious thought going on in
>> the browser groups about this sort of issue.
>>
>> [ ... ]
>>
>> ... JG
>
> F Y I, see:
>
> SSL Blacklist 4.0 - for a Firefox extension able to detect 'bad'
> certificates @
> http://www.codefromthe70s.org/sslblacklist.aspx
>
> Best.
Snort rule to detect said...
url: http://vrt-sourcefire.blogspot.com/2009/01/md5-actually-harmful.html
# |2A 86 48 86 F7 0D 01 01 04| is the DER encoding of OID 1.2.840.113549.1.1.4
# (md5WithRSAEncryption); hex bytes in a content match go between pipes.
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any ( \
    msg:"POLICY Weak SSL OCSP response -- MD5 usage"; \
    content:"content-type: application/ocsp-response"; nocase; \
    content:"|2A 86 48 86 F7 0D 01 01 04|"; \
    metadata:policy security-ips drop, service http; \
    reference:url,www.win.tue.nl/hashclash/rogue-ca/; \
    classtype:policy-violation; sid:1000001;)
cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada March 16-20 2009 http://cansecwest.com
London, U.K. May 27/28 2009 http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp
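
Added example (not part of the original post or of the Sourcefire rule): a Python version of the check the rule aims at, which walks the DER structure and decodes each OID instead of matching raw bytes, so md5WithRSAEncryption (1.2.840.113549.1.1.4) is told apart from sha1WithRSAEncryption (1.2.840.113549.1.1.5). Function names and the sample byte strings are constructed for illustration.

```python
# Added example, not from the original post; names and sample bytes are constructed.
WEAK_OIDS = {"1.2.840.113549.1.1.4": "md5WithRSAEncryption", "1.2.840.113549.2.5": "md5"}

def read_tlv(buf, pos, end):              # -> (tag, value_start, value_end)
    if pos + 2 > end:
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                     # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > end:
        raise ValueError("DER element overruns its container")
    return tag, pos, pos + length

def decode_oid(body):                     # OID content bytes -> dotted notation
    arcs, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                  # high bit clear ends this arc
            arcs.append(value)
            value = 0
    if arcs:                              # first encoded value packs the first two arcs
        first = min(arcs[0] // 40, 2)
        arcs[0:1] = [first, arcs[0] - 40 * first]
    return ".".join(map(str, arcs))

def find_oids(buf, start, end):           # every OID in the DER tree in buf[start:end]
    oids, pos = [], start
    while pos < end:
        tag, vs, ve = read_tlv(buf, pos, end)
        if tag == 0x06:
            oids.append(decode_oid(buf[vs:ve]))
        elif tag & 0x20:                  # constructed: SEQUENCE, SET, [n] EXPLICIT
            oids += find_oids(buf, vs, ve)
        elif tag == 0x04:                 # OCSP carries BasicOCSPResponse in an OCTET STRING
            try:
                oids += find_oids(buf, vs, ve)
            except ValueError:
                pass                      # opaque octets, not nested DER
        pos = ve
    return oids

def weak_signature_algs(der):
    return sorted({WEAK_OIDS[o] for o in find_oids(der, 0, len(der)) if o in WEAK_OIDS})

# Constructed samples: AlgorithmIdentifier { OID, NULL } and an OCSP-style wrapper.
ALG_MD5 = bytes.fromhex("300d06092a864886f70d0101040500")
ALG_SHA1 = bytes.fromhex("300d06092a864886f70d0101050500")
WRAPPED = bytes.fromhex("301c06092b0601050507300101040f") + ALG_MD5
```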