[lug] ssl
Hugh Brown
hugh at vecna.com
Tue Feb 13 09:54:49 MST 2001
I am new to ssl and am looking for a good beginners guide. Any
recommendations?
I was also wondering about where the encryption takes place.
For instance, I have a non-ssl page (insecure.html) that has a link on it
that points to https://tuna.fish.net/securedir/index.html that is password
protected via apache. When the login prompt comes up is that encrypted or
do I need to go to a secure page first and then go to a login via ssl?
Is that a stupid question since every request is a one time request and it
either goes through an ssl tunnel or it doesn't?
I was also trying to sniff the traffic on the webpage (I have to do a
seminar for some customers showing them why they want security and I was
hoping to be able to do a hands on demo that shows a username and password
going across clear text via a webpage login). When I sniff an apache login
setup, I just see garbage going across (I'm not using ssl for that
section). How can I see that traffic?
Hugh
More information about the LUG
mailing list