Southwest Airlines captive portal

Frank Bulk frnkblk at
Sun Feb 28 04:45:38 UTC 2016

I was MITMed, but not maliciously, but by Southwest Airline’s system (which uses Row44).   The site doesn’t have to be pinned for a browser to throw up a warning about the SSL certificate not matching the URL.


I did connect with an SWA employee.




From: Paras Jha [mailto:paras at] 
Sent: Saturday, February 27, 2016 5:09 PM
To: Damien Burke <damien at>
Cc: Frank Bulk <frnkblk at>; nanog at
Subject: Re: Southwest Airlines captive portal


You got MITM'd


On Sat, Feb 27, 2016 at 1:57 PM, Damien Burke <damien at <mailto:damien at> > wrote:

You should change your paypal password.

-----Original Message-----
From: NANOG [mailto:nanog-bounces at <mailto:nanog-bounces at> ] On Behalf Of Frank Bulk
Sent: Saturday, February 27, 2016 10:27 AM
To: nanog at <mailto:nanog at> 
Subject: Southwest Airlines captive portal

Anyone from Southwest Airlines on this list?

On a recent flight I discovered I couldn't complete payment through PayPal because my web browsers properly noticed that the Southwest Airlines SSL certificate that the captive portal was giving for PayPal didn't match up.
=)  I had to create an exception for PayPal just to complete payment.



More information about the NANOG mailing list