E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
Anne & Lynn Wheeler
lynn at garlic.com
Fri Jul 23 14:08:29 EDT 2004
At 11:09 AM 7/23/2004, Matt Crawford wrote:
>I can't see any reasonable way to derive your conclusion from the cited
>article.
>
> "The surge began on 15 July, the day before the public disclosure
> of a critical flaw in a server module called mod_ssl.
>
> "The last time Netcraft observed similar activity was in April,
> shortly before a wave of attacks on SSL servers that included the
> compromise of some major e-commerce sites. Attackers used a flaw
> in Microsoft's implementation of SSL to install malicious code..."
i just mentioned that it could possible be (another kind of)
attack/threat model (other than the obvious referenced
in the article).
i wasn't aware that this mailing list would preclude mention
of other possible attack/thread models .... other than the
obvious ones mentioned.
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list