Sake Blok wrote:
> On Tue, Aug 05, 2008 at 02:22:58PM +0200, Paolo Abeni wrote:
>> hello,
>>
>> In a pending patch for the SSL dissector: 
>>
>> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2725
>> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2029
>>
>> it's implemented the attack to CVE 2008 0166. This is basically a brute
>> force against a relatively small set of candidate private keys for the SSL
>> session.
> 
> Although not an answer to your question, I personally object to the
> idea of putting brute force code into Wireshark. Wireshark has a good
> reputation as a network analysis tool. Which of course means it can be
> used for less honest purposes as well, but putting code in to deliberately
> break security based on a weakness in the protocol crosses the line
> for me. This would put Wireshark in a whole different set of tools
> which might not do it good...
> 
> I personally vote against inclusion of this code into the source
> tree. How do others feel about the inclusion of this code?
> 

FULL ACK to Sake!

Here in Germany we have a (IMHO pretty obscure) law that prohibits the 
use of "hacker tools" - whatever that exactly is, is still to be found 
out in court :-(

By a technical layman (lawyer or judge) Wireshark could be a borderline 
case of such a hacker tool, but I think in its current state WS is on 
the "safe side" of this "legal border".

I mean such a legal discussion "hacker tool or not" would be a *lot* 
more difficult if WS would contain brute force attack code intended to 
crack passwords!

Is it really worth getting into this trouble (probably not only in 
Germany), if there are already other tools for this purpose out there to 
do this ... ?

Regards, ULFL

P.S: If WS would contain any cracking stuff, it would also be much more 
difficult to get the allowance to use it in any corporate networks!
_______________________________________________
Wireshark-dev mailing list
[email protected]
https://wireshark.org/mailman/listinfo/wireshark-dev
