[ale] ssl hijacking attempt

John Wells jb at sourceillustrated.com
Mon Jun 24 15:17:54 EDT 2002


I use squirrelmail through ssl to send and receive mail.  Today, while
already logged in to my mail system, I clicked a link.  The Accept/Reject
certificate box popped up, which was odd because I had *already*
established an SSL connection.

Examining the certificate, I noticed that it said it was issued from
"VerySign Certificate Authority" and was originating from my box.  I can
only assume that it was someone trying to hijack my ssl connection.

Problem is, I can't really find a lot of good info on ssl hijacking...as
far as how it's done and how to prevent it.  I'm assuming this doesn't
necessarily mean that whoever did this has hacked my box, as it wouldn't
seem to make a lot of sense to go through the trouble if you are already
in.

Anyway, I'm really interested in how this was done.  If anyone can point
me in the right direction, I'd appreciate it.

Thanks!
John




---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list