'Re: Checkpoint smart defance as IPS'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       security-basics
Subject:    Re: Checkpoint smart defance as IPS
From:       Shreyas Zare <shreyas () secfence ! com>
Date:       2010-05-31 17:09:41
Message-ID: AANLkTilglTaScvH7tLK2Ihub40NujI3_wnFJ-rzjd00K () mail ! gmail ! com
[Download RAW message or body]

Hi,

Yes, but as Bretten Andrew mentioned earlier, the client machine needs
to trust an internal CA (which will be used to dynamically generate
cert for SSL MITM that matches the site being visited by user)

Regards,

--
Shreyas Zare

Sr. Information Security Researcher
Secfence Technologies
www.secfence.com


On Sun, May 30, 2010 at 2:40 AM, Craig S. Wright
<craig.wright@information-defense.com> wrote:
> 
> Not at all. Your comment was:
> "An IPS that decrypts SSL does not exist."
> 
> This is blatantly false. IDS, IPS, Wireshark even all have SSL decryption
> capabilities. There is no requirement for a separate proxy.
> 
> Checkpoint has this capability. NO extra proxy. You seem to be missing that
> distinction.
> 
> Regards,
> ...
> Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
> Information Defense Pty Ltd
> 
> 
> 
> -----Original Message-----
> From: Trevor Alexander [mailto:trevor.alexander.email@gmail.com]
> Sent: Sunday, 30 May 2010 4:28 AM
> To: <craig.wright@Information-Defense.com>
> Cc: Laurens Vets; <mzcohen2682@aim.com>; <security-basics@securityfocus.com>
> Subject: Re: Checkpoint smart defance as IPS
> 
> You are saying the same thing me and anyone else who has posted on the
> topic is saying, you're just using different words. You should read
> the whole thread before you make comments.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL \
certificate.  We look at how SSL works, how it benefits your company and how your \
customers can tell if a site is secure. You will find out how to test, purchase, \
install and use a thawte Digital Certificate on your Apache web server. Throughout, \
best practices for set-up are highlighted to help you ensure efficient ongoing \
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic