Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
December 13, 2006, 11:58 am
rate this thread
I am trying to access a secure website (https) from my workplace, I use
Firefox2 running from an USB for that, the problem is that the browser
complaints that the site certificate does not match with the site name
and in looking at it closer I see this:
"Common Name: localhost.localdomain
Serial number: 00"
And so on, is it possible the administrator of the network I am using is
eavesdropping on my https connexions? And if that is the case, can I get
Needless to say that I have rejected such certificate.
mapping the internet 24/7 http://www.netdimes.org
- Sebastian Gottschalk
December 13, 2006, 1:08 pm
Well, not yet. You have to accept the spoofed certificate first. :-)
You'd need a tunnel that doesn't get actively modified. Hardly achievable
without installing specialized software, which is most likely prohibited as
Of course, just look at the ON and the Serial#. The CN doesn't seem that
reasonable either. I'd say the admin is competent enough to install
something to intercept SSL connections, but not quite competent to actually
create some reasonable certificate which clearly points out that purpose.
At any rate, even if you accepted a valid certificate, you wouldn't be off
much better, As the admin has control over the machine, he can log and/or
modify all input and output, including keystrokes. Thus, it's never a good
idea to do sensible stuff on non-trusted machines.