Comments on: TLS Renegotiation Test http://netsekure.org/2009/11/tls-renegotiation-test/ random noise generator Tue, 27 Jul 2010 15:26:48 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Nasko http://netsekure.org/2009/11/tls-renegotiation-test/comment-page-1/#comment-123 Nasko Mon, 26 Apr 2010 16:18:56 +0000 http://netsekure.org/?p=156#comment-123 I've emailed you with details, so let's keep in touch and see how I can help you with your project. I’ve emailed you with details, so let’s keep in touch and see how I can help you with your project.

]]> By: Nasko http://netsekure.org/2009/11/tls-renegotiation-test/comment-page-1/#comment-122 Nasko Mon, 26 Apr 2010 16:17:39 +0000 http://netsekure.org/?p=156#comment-122 Yes, I am only testing client initiated renegotiation. It says so on the page itself : ). Server initiated renegotiation depends on a bunch of factors, so it is hard to produce a generic test. Yes, I am only testing client initiated renegotiation. It says so on the page itself : ). Server initiated renegotiation depends on a bunch of factors, so it is hard to produce a generic test.

]]> By: Nipun http://netsekure.org/2009/11/tls-renegotiation-test/comment-page-1/#comment-111 Nipun Sat, 24 Apr 2010 21:01:56 +0000 http://netsekure.org/?p=156#comment-111 We are trying to make the use of X-ignore in HTTP header to simulate the attack. And, it seems like you use telnet to get the output here. Are you only testing for Client-initiated renegotiation ? We are trying to make the use of X-ignore in HTTP header to simulate the attack. And, it seems like you use telnet to get the output here. Are you only testing for Client-initiated renegotiation ?

]]> By: Nipun http://netsekure.org/2009/11/tls-renegotiation-test/comment-page-1/#comment-110 Nipun Sat, 24 Apr 2010 20:59:05 +0000 http://netsekure.org/?p=156#comment-110 Hey Nasko, This is pretty cool. We are a bunch of grad students who are trying to simulate the TLS renegotiation vulnerability in virtual testbed environment. I just stumbled on to your link today, 2 days before the final presentation of our project. Can you please share the source code of this Renegotiation Test with us ? We hope that we will get back to you with a better implementation useful for our project as well as for putting up on your website. Let me know if you have any questions. Thanks and regards, Nipun Hey Nasko,

This is pretty cool. We are a bunch of grad students who are trying to simulate the TLS renegotiation vulnerability in virtual testbed environment. I just stumbled on to your link today, 2 days before the final presentation of our project.

Can you please share the source code of this Renegotiation Test with us ? We hope that we will get back to you with a better implementation useful for our project as well as for putting up on your website.

Let me know if you have any questions.

Thanks and regards,

Nipun

]]> By: MitM Plaintext Injection Vulnerability in TLS (openssl) « waffle http://netsekure.org/2009/11/tls-renegotiation-test/comment-page-1/#comment-47 MitM Plaintext Injection Vulnerability in TLS (openssl) « waffle Sun, 13 Dec 2009 12:27:03 +0000 http://netsekure.org/?p=156#comment-47 [...] Test Here: TLS Renegotiation Test | netsekure rng [...] [...] Test Here: TLS Renegotiation Test | netsekure rng [...]

]]> By: Extended Subset » Blog Archive » Assorted news http://netsekure.org/2009/11/tls-renegotiation-test/comment-page-1/#comment-46 Extended Subset » Blog Archive » Assorted news Mon, 30 Nov 2009 21:21:57 +0000 http://netsekure.org/?p=156#comment-46 [...] has set up a nice test for client-initiated renegotiation on his blog. This is probably the most pervasive, and simplest to exploit, form of the SSL/TLS [...] [...] has set up a nice test for client-initiated renegotiation on his blog. This is probably the most pervasive, and simplest to exploit, form of the SSL/TLS [...]

]]> By: Tweets that mention TLS Renegotiation Test | netsekure rng -- Topsy.com http://netsekure.org/2009/11/tls-renegotiation-test/comment-page-1/#comment-45 Tweets that mention TLS Renegotiation Test | netsekure rng -- Topsy.com Mon, 30 Nov 2009 16:07:17 +0000 http://netsekure.org/?p=156#comment-45 [...] This post was mentioned on Twitter by PhoneFactor, Marsh Ray. Marsh Ray said: RT @naskooskov TLS client initiated renegotiation test http://netsekure.org/2009/11/tls-renegotiation-test/ [...] [...] This post was mentioned on Twitter by PhoneFactor, Marsh Ray. Marsh Ray said: RT @naskooskov TLS client initiated renegotiation test http://netsekure.org/2009/11/tls-renegotiation-test/ [...]

]]>