CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions (threatpost)
CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions (threatpost)
Posted Sep 13, 2012 22:26 UTC (Thu) by dlang (guest, #313)In reply to: CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions (threatpost) by intgr
Parent article: CRIME Attack Uses Compression Ratio of TLS Requests as Side Channel to Hijack Secure Sessions (threatpost)
> > being in the same network segment as a router
>Sorry, that was misleading. I meant any Ethernet segment where the traffic passes through, such as your office network or an Internet exchange point.
actually, this isn't enough by itself nowdays.
With most of the ethernet infrastructure being switches, you will only occasionally see packets destined for other systems.
You can start playing games with ARP to try and route all traffic on the network through your machine instead of the router it is supposed to go through, but this sort of thing tends to cause other problems, so it's far from stealthy.