Re: [hobbit] Feature request: SSL/TLS client/server negotiation
- To: hobbit (at) hswn.dk
- Subject: Re: [hobbit] Feature request: SSL/TLS client/server negotiation
- From: Charles Jones <jonescr (at) cisco.com>
- Date: Fri, 13 Oct 2006 16:41:44 -0700
It should be fairly easy to mod the hobbit code so that it does a really
simple scramble (XOR) of the data stream. Doing that, plus running
it on a non-standard port, should sufficiently confuse most people
running a sniffer. At least the data wouldn't be in plaintext and the
attacker would have to code up a custom app to decode the data. If they
have time to do that, they are probably good enough to own your network
anyway.
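
An added illustration (not part of the original post and not code from Hobbit) of the repeating-key XOR scramble suggested above: the same pass scrambles and restores the stream, and a known message prefix XORed with the scrambled bytes gives back the key, which is how much protection the scheme provides. The sample report line, the key and all function names are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* XOR each byte with a repeating key. The same call scrambles and unscrambles. */
static void xor_stream(unsigned char *buf, size_t len,
                       const unsigned char *key, size_t keylen)
{
    for (size_t i = 0; i < len; i++) buf[i] ^= key[i % keylen];
}

/* n known leading plaintext bytes give n key bytes: cipher[i] ^ plain[i] == key[i]. */
static void key_from_known_prefix(const unsigned char *cipher, const char *known,
                                  size_t n, unsigned char *key_out)
{
    for (size_t i = 0; i < n; i++) key_out[i] = cipher[i] ^ (unsigned char)known[i];
}

/* Constructed sample report line and key (assumptions, not taken from Hobbit). */
static const char SAMPLE[] = "status www.example.com.http green OK";
static const unsigned char KEY[4] = { 0x5a, 0xc3, 0x17, 0x88 };

/* Returns 1 if scrambling changes the bytes and a second pass restores them. */
int roundtrip_ok(void)
{
    unsigned char buf[sizeof SAMPLE];
    size_t len = strlen(SAMPLE);
    memcpy(buf, SAMPLE, sizeof SAMPLE);
    xor_stream(buf, len, KEY, sizeof KEY);
    int hidden = memcmp(buf, SAMPLE, len) != 0;
    xor_stream(buf, len, KEY, sizeof KEY);
    return hidden && memcmp(buf, SAMPLE, len) == 0;
}

/* Returns 1 if the 4-byte key falls out of the first 4 known bytes ("stat"). */
int key_recovered_from_prefix(void)
{
    unsigned char buf[sizeof SAMPLE], guess[sizeof KEY];
    size_t len = strlen(SAMPLE);
    memcpy(buf, SAMPLE, sizeof SAMPLE);
    xor_stream(buf, len, KEY, sizeof KEY);
    key_from_known_prefix(buf, "stat", sizeof KEY, guess);
    return memcmp(guess, KEY, sizeof KEY) == 0;
}

int main(void) {
    printf("roundtrip=%d key_recovered=%d\n", roundtrip_ok(), key_recovered_from_prefix());
    return 0;
}
```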