SSL Security / Intercepting SSL

Gigabyte / Ga-ma770-ud3
June 29, 2010 at 06:45:23
Specs: Microsoft Windows Vista Home Premium, 3 GHz / 8188 MB
Hi All,

(This is probably a question for network security experts!)

I have a very basic understanding of SSL (certificate authorities, certificates, trusting the issuer, etc.) and what I understand is that when I log in to, the communication between me and the Gmail server is encrypted and no one can eavesdrop on the conversation.

This is what I used to believe until recently I found out that on a corporate (or any other) network there are devices (i.e. network hardware) that can fool a browser into believing that, for example, it is and therefore establishes an SSL connection, decrypts the data (i.e. allows plain-text to be viewed by someone, e.g. network administrator), then forwards it on to the actual server.

However, is it correct that the only caveat is that you need to install a certificate on the user's browser asking it to trust this "hardware device"?

How easy is this to do (i.e. the entire process)? Is it something that is common practice within corporate networks? Is it practical to actually view, say, a Google Talk chat between two users, in a network that has upwards of 400 users locally and about 6000 users in total (on the WAN)? Has anyone here done anything like this and if so what is their experience? Also, what would a "fake" certificate look like?

Thank you!


June 29, 2010 at 06:56:43
web search man in the middle attack.


June 29, 2010 at 07:47:56
Thanks for that. I have done a bit of reading on MITM attacks but I'm also hoping to get feedback from network admins who've had experience in doing this in a corporate network.


June 29, 2010 at 12:15:29
I would like to meet the corporate admin that has time for that.

This is strictly the domain of security admins. They are a very thin slice of the IT pie.

You would be better off finding a security/hacking forum and getting input there.


June 30, 2010 at 00:42:55
Fair enough! :)

I shall find a security forum and post back a link if I get further information.

Thank You!
