[EMAIL PROTECTED] wrote: > > SSL slows the attacker, forcing them through an authentication challenge, and > gives you a layer of auditing. If the SSL authentication is compromised, the > SSL server is just as vulnerable as a non-SSL server and subject to the same > attacks. Is that right? Is there anything else that SSL will do for you in > this circumstance? The only way SSL changes things for an attacker is if you are using client certs. Most people aren't. Without them the only authentication is when the server authenticates to the attacker but the attacker could care less. -paul - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
- Re: Configuration Arguments... In House... David Lang
- Re: Configuration Arguments... In House... Jose Nazario
- Re: Configuration Arguments... In House..... David Lang
- Re: Configuration Arguments... In Hou... Michael T. Babcock
- Re: Configuration Arguments... In House... D. Clyde Williamson
- RE: Configuration Arguments... In House... Jez Humble
- Re[2]: Configuration Arguments... In House... CSchellenberg
- RE: Re[2]: Configuration Arguments... In House... John Steniger
- RE: Re[2]: Configuration Arguments... In House... David Ishmael
- RE: Re[2]: Configuration Arguments... In House... chris . hastings
- RE: Re[2]: Configuration Arguments... In House... David Ishmael
- Re: Configuration Arguments... In House... Michael T. Babcock
- RE: Configuration Arguments... In House... Benjamin Tomhave
- Re: Configuration Arguments... In House..... Bernd Eckenfels
- Re: Configuration Arguments... In Hou... Michael T. Babcock
- Re: Configuration Arguments... I... Bernd Eckenfels
- RE: Configuration Arguments... In House..... Jose Nazario
