public marks

PUBLIC MARKS with tags ssl & security

This year

2012

Ettercap Home Page

by Xavier Lacot & 6 others
Ettercap is a comprehensive suite for leading man in the middle attacks.

2011

Google+ Gets a “+1″ for Browser Security

by marco
Set-Cookie Secure, Set-Cookie HttpOnly, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection

2010

2009

Securing a Domain: SSL vs. DNSSEC

by marco
There has been quite a bit of talk lately about the best way to secure a domain, mainly centered in two camps: using Secure Socket Layer (SSL), or using DNS Security Extensions (DNSSEC). The answer is quite simple—you should use both.

Scroogle Scraper

by ycc2106
For Scroogle, SSL is used to hide your search terms. Your IP address is dropped before your search terms are sent to Google. In case of "employer spyware" packages such as Websense. If you use Wi-Fi and you haven't set up your router for secure operation, or in some countries, the government could be monitoring your web activity.

The Problem With HTTPS SSL Runs Deeper Than MD5

by marco
To move forward, we first need to acknowledge that the current HTTPS SSL mechanism is completely broken.

RapidSSL CA - MD5 and detailed info about the problem

by marco
Not all CAs using MD5 are automaticaly broken [...] Only with these 4 things in place it was possible to pull this off.

2008

Apsis Gmbh

by camel & 2 others
The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no warranty, it's free to use, copy and give away. WHAT POUND IS: 1. a reverse-proxy: it passes requests from client browsers to one or more back-end servers. 2. a load balancer: it will distribute the requests from the client browsers among several back-end servers, while keeping session information. 3. an SSL wrapper: Pound will decrypt HTTPS requests from client browsers and pass them as plain HTTP to the back-end servers. 4. an HTTP/HTTPS sanitizer: Pound will verify requests for correctness and accept only well-formed ones. 5. a fail over-server: should a back-end server fail, Pound will take note of the fact and stop passing requests to it until it recovers. 6. a request redirector: requests may be distributed among servers according to the requested URL. Pound is a very small program, easily audited for security problems. It can run as setuid/setgid and/or in a chroot jail. Pound does not access the hard-disk at all (except for reading the certificate file on start, if required) and should thus pose no security threat to any machine.

PUBLIC TAGS related to tag ssl

and +   apache +   ca +   certificat +   certificate +   cryptage +   dns +   documentation +   encryption +   ettercap +   firewall +   free +   howto +   http +   https +   internet +   is +   js +   ldap +   linux +   md5 +   +   open +   openssl +   other +   protocol. +   proxy +   remote +   secu +   security +   serveur +   site +   sniffer +   sécurité +   software +   ssl/tls +   ssl2 +   standard +   subversion +   sysadmin +   tls +   to +   tools +   ubuntu +   uses +   vpn +   web +   wifi +   wildcard +   wordpress +  

Active users

srcmax
last mark : 21/03/2014 10:09

Xavier Lacot
last mark : 17/10/2012 10:08

marco
last mark : 05/09/2011 17:16

vrossign
last mark : 30/08/2011 20:30

RETFU
last mark : 01/08/2011 09:43

antoine
last mark : 30/11/2010 23:47

kemar
last mark : 28/04/2010 13:48

webs
last mark : 09/12/2009 11:36

piouPiouM
last mark : 15/10/2009 14:15

ycc2106
last mark : 06/03/2009 08:52

camel
last mark : 13/02/2008 12:48