|
|
Sponsored Content
Special Forums
Cybersecurity
IT Security RSS
New SSL Inspection Solutions: Are they helping us or not?
Post 302432086 by Linux Bot on Thursday 24th of June 2010 12:15:08 AM
06-24-2010
New SSL Inspection Solutions: Are they helping us or not?
I saw some presentations and papers about a new technology that is able to decrypts SSL traffic and sends it to existing security and network appliances on high speed networks. This technology enables existing IPS solutions to identify risks normally hidden by SSL such as regulatory compliance violations, viruses, malware, data loss, intrusion attempts, etc.
This is a very good approach to detect/block those attacks (there are reports showing a increase on attacks using SSL traffic) but I see some risks related.
There are obvious advantages to adopt such technology but a careful analysis must be in place earlier the adoption to address these risks. This will be a case-by-case study and (at least I believe) that not all companies will be able to deploy such technology due to regulations or compliance.
Best Regards
More...
This is a very good approach to detect/block those attacks (there are reports showing a increase on attacks using SSL traffic) but I see some risks related.
- If someone uses this technology to decrypt the traffic and get the info? What are the mitigation actions in place to avoid this?
- How this technology will handle DDOS attacks? It'll be overloaded?
- What is the latency that this technology will add on the network?
- How browsers handle this "man-in-the middle" like security solution?
Best Regards
More...
|
|
7 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Can someone explain the difference between the two. Thanks (1 Reply)
Discussion started by: jerardfjay
1 Replies
2. UNIX for Dummies Questions & Answers
i have configured Squid proxy server in Fedora 8 with two network interfaces.
HTTP, HTTPS, FTP are working fine but we are unable to download mails using mail clients from mail server with POP3(ssl) and SMTP(ssl).
so please someone help us how to enable pop and smtp in Squid. (1 Reply)
Discussion started by: praneel2k
1 Replies
3. Web Development
I have interesting problem.
https:/host/some/x.cgi
- this script has run twice when I call this url
But
http:/host/some/x.cgi
work fine, only once.
Output is text/plain.
If I change output format to the Content-type text/html,
then both urls works fine - executed only once. (2 Replies)
Discussion started by: kshji
2 Replies
4. Shell Programming and Scripting
hi,
i have a file where I want to extract the the failure count only from the file.
JOB_NAME STATE RUN_COUNT FAILURE_COUNT
------------------------------ --------------- ---------- -------------
OFS_BALA_BILLING_IN SCHEDULED 22992 ... (6 Replies)
Discussion started by: gotam
6 Replies
5. Programming
"C++ Execution Inspection" is the best term I could coin for what it is I'd like to do. Suggestions from anyone who has done programming in C++ on Linux are welcome.
I was taught C++ in classrooms that used MS Visual Studio a few years ago. Visual Studio had a debugging mode that made it really... (1 Reply)
Discussion started by: ejr2122
1 Replies
6. Shell Programming and Scripting
Good Evening,
i got a homework where i have to list all files in the directory with the name length >=3 and <= 6 and after trying it for 2 days my Prof gave me a bit of code:
#!/bin/bash
for file in $(ls)
do
done
after that he told me "now you only have to use wc and you got it" but... (1 Reply)
Discussion started by: Mentoss
1 Replies
7. Linux
Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website!
please advise if I missed any concept / configs... Thank you!
httpd.conf
<VirtualHost *:80>
ServerName www.my-site.com
ServerAdmin... (0 Replies)
Discussion started by: ashokvpp
0 Replies
LEARN ABOUT DEBIAN
blockdiag
BLOCKDIAG(1) General Commands Manual BLOCKDIAG(1) NAME
blockdiag - generate block-diagram image file from spec-text file. SYNOPSIS
blockdiag [options] file DESCRIPTION
This manual page documents briefly the blockdiag commands. blockdiag is a program that generate block-diagram image file from spec-text file. OPTIONS
These programs follow the usual GNU command line syntax, with long options starting with two dashes (`-'). A summary of options is included below. For a complete description, see the SEE ALSO. --version show program's version number and exit -h, --help Show summary of options -a, --antialias Pass diagram image to anti-alias filter -c FILE, --config=FILE read configurations from FILE -o FILE write diagram to FILE -f FONT, --font=FONT use FONT to draw diagram --fontmap=FONT use FONTMAP file to draw diagram -s, --separate Separate diagram images for each group -T TYPE Output diagram as TYPE format --nodoctype Do not output doctype definition tags (SVG only) --no-transparency do not make transparent background of diagram (PNG only) SEE ALSO
The programs are documented fully by http://tk0miya.bitbucket.org/blockdiag/build/html/index.html AUTHOR
blockdiag was written by Takeshi Komiya <i.tkomiya@gmail.com> This manual page was written by Kouhei Maeda <mkouhei@palmtb.net>, for the Debian project (and may be used by others). May 9, 2011 BLOCKDIAG(1)