Archive

Archive for janeiro, 2009

MD5 considered harmful today

janeiro 15th, 2009
No comments

Creating a rogue CA certificate

We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.

Source: http://www.win.tue.nl/hashclash/rogue-ca/

[ ]’s

Security

Detection and Preventing Anonymous proxy usage

janeiro 15th, 2009
Comments Off

Na lista SNORT-BR o amigo Rodrigo Montoro(Sp0oKeR) enviou o link para o seguinte documento da SANS. Vale a pena conferir.

http://www.sans.org/reading_room/whitepapers/detection/rss/detecting_and_preventing_anonymous_proxy_usage_32943

[ ]’s

Security