[ale] ssl hijacking attempt
John Wells
jb at sourceillustrated.com
Mon Jun 24 21:07:40 EDT 2002
Dow,
The link I was following was actually from a link on SquirrelMail's menu,
thus internal. That's what made it so interesting...
Thanks,
John
Dow Hurst said:
> Can you post the link you were following? Was it a link to a site on
> your own box or an external link?
>
> An external site set up to establish an additional SSL tunnel would be
> evaluated by your browser's list of certificates. Your browser might
> have had the new certificate authentication process piped thru your
> current tunnel and assumed it was from your machine and not the external
> machine. I am guessing here. Anyone want to criticize the logic?
> Have you tried visiting the site directly and not thru the tunnel?
> Dow
>
>
> John Wells wrote:
>
>> I use squirrelmail through ssl to send and receive mail. Today, while
>> already logged in to my mail system, I clicked a link. The
>> Accept/Reject certificate box popped up, which was odd because I had
>> *already* established an SSL connection.
>>
>> Examining the certificate, I noticed that it said it was issued from
>> "VerySign Certificate Authority" and was originating from my box. I
>> can only assume that it was someone trying to hijack my ssl connection.
>>
>> Problem is, I can't really find a lot of good info on ssl
>> hijacking...as far as how it's done and how to prevent it. I'm
>> assuming this doesn't necessarily mean that whoever did this has hacked
>> my box, as it wouldn't seem to make a lot of sense to go through the
>> trouble if you are already in.
>>
>> Anyway, I'm really interested in how this was done. If anyone can
>> point me in the right direction, I'd appreciate it.
>>
>> Thanks!
>> John
>>
>>
>>
>>
>>---
>>This message has been sent through the ALE general discussion list. See
>> http://www.ale.org/mailing-lists.shtml for more info. Problems should
>> be sent to listmaster at ale dot org.
>>
>>
>>
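Added example, not part of the thread and not written by its participants: a check a client could run when a certificate prompt appears mid-session, comparing the presented certificate against a pinned fingerprint and flagging an issuer name that nearly matches a known CA. The CA allow-list, the similarity threshold, the sample issuer for the legitimate certificate and the byte strings standing in for DER certificates are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import re
from difflib import SequenceMatcher

# Assumed allow-list of CA names this mail server could legitimately chain to.
KNOWN_CAS = ["VeriSign", "Thawte"]

def issuer_field(cert, key):
    """Read one issuer attribute from a dict shaped like ssl getpeercert() output."""
    for rdn in cert.get("issuer", ()):
        for name, value in rdn:
            if name == key:
                return value
    return ""

def lookalike_of(org, known=KNOWN_CAS, threshold=0.8):
    """Return the known CA that a word in `org` nearly, but not exactly, matches."""
    for word in re.findall(r"[a-z0-9]+", org.lower()):
        for ca in known:
            if word == ca.lower():
                continue  # exact name: not a look-alike
            if SequenceMatcher(None, word, ca.lower()).ratio() >= threshold:
                return ca
    return None

def assess(cert, der, pinned_sha256):
    """List the reasons to reject a certificate presented mid-session."""
    findings = []
    # The pin check needs only the raw DER bytes, so it works even when
    # getpeercert() returns an empty dict for an unvalidated chain.
    seen = hashlib.sha256(der).hexdigest()
    if not hmac.compare_digest(seen, pinned_sha256):
        findings.append("fingerprint differs from the pinned server certificate")
    org = issuer_field(cert, "organizationName")
    near = lookalike_of(org)
    if near:
        findings.append(f"issuer {org!r} resembles {near!r} but is not it")
    return findings

# Constructed sample data: byte strings stand in for DER certificates.
GOOD_DER = b"constructed stand-in for the mail server certificate"
ROGUE_DER = b"constructed stand-in for the unexpected certificate"
PIN = hashlib.sha256(GOOD_DER).hexdigest()
GOOD = {"issuer": ((("organizationName", "VeriSign, Inc."),),)}
ROGUE = {"issuer": ((("organizationName", "VerySign Certificate Authority"),),)}

if __name__ == "__main__":
    for label, cert, der in (("good", GOOD, GOOD_DER), ("rogue", ROGUE, ROGUE_DER)):
        print(label, assess(cert, der, PIN))
```

In real use the DER bytes would come from `SSLSocket.getpeercert(binary_form=True)` and the pin from a fingerprint recorded out of band when the server certificate was installed.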