WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Security tool for monitoring HTTPS traffic?

From: "Amichai Shulman" <shulman () imperva com>
Date: Sun, 7 Mar 2004 10:14:38 +0200
We implemented in our product the ability to passively monitor HTTPS
traffic without interrupting the original stream. This feature is
intended for use by server owners. Once you have the private key loaded
into our sensor it will reconstruct the session key by passively
monitoring the key exchange between clients and server. From then on it
uses the obtained key to reconstruct the plaintext and process it
through a number of filter that allow detection of information leakage
source code disclosure, detailed error messages and so on. All this is
achieved without cutting the actual communication line but rather by
tapping into a span port in a switch or by using a network hardware tap.

Amichai Shulman
CTO
Imperva(TM) Inc.
Hachilazon 12, Ramat-Gan, ISRAEL
Tel: 972-3-6120133
Fax: 972-3-7511133
Mobile: 972-56-544451
shulman () imperva com
www.imperva.com

-----Original Message-----
From: Andreas Fredrich [mailto:andreas.fredrich () avinci de] 
Sent: Tuesday, February 24, 2004 4:56 PM
To: webappsec () securityfocus com
Subject: Security tool for monitoring HTTPS traffic?



I have a similar question too!

Are they products they can look inside HTTPS traffic? Some customers
doesn't trust HTTPS traffic going inside the company over the proxy! For
example, I have heard that a combination of squid and apache
configuraion can do these, but I have never seen it.

Every information will help me!

Mit freundlichen Gruessen/ Best Regards/ Avec meilleures salutations

A. Fredrich
Previous By Date Next
Previous By Thread Next

Current thread: