Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-Detective HTTPS/SSL Interception – MITM & Proxy Decision Group

Published byWalter Beasley Modified over 8 years ago

Similar presentations

Presentation on theme: "E-Detective HTTPS/SSL Interception – MITM & Proxy Decision Group"— Presentation transcript:

1 E-Detective HTTPS/SSL Interception – MITM & Proxy Decision Group www.edecision4u.com

2 Introduction to HTTPS/SSL Interception  Intercept HTTPS/SSL traffic (connection sessions) by MITM attack or by Proxy setup.  HTTPS/SSL Interception by MITM mode is carried out utilizing both DNS and ARP attacks.  HTTPS web pages on targeted user can be decrypted, decoded and reconstructed. Username and password can also be obtained for Web Login.  Apply to standard HTTPS/SSL traffic without additional security.  HTTPS/SSL Interception by Proxy mode required the target users’ Web Browser to be pre-configured to use the Proxy service. Solution for: Lawful Enforcement Agencies (Police Intelligence, Military Intelligence, National Security, Counter Terrorism, etc) and corporate organizations. HTTPS/SSL Interception Appliance (Software + Hardware) User can opt to purchase only software from us and use their own hardware/server.

3 HTTPS/SSL Interception – By MITM Attack Intercept and reconstruct HTTPS/SSL traffic. Obtain HTTPS page login username and password. Intercept on specific targets (suspects)

4 HTTPS/SSL Interception – By MITM Attack  HTTPS/SSL Interception by MITM mode is carried out utilizing both DNS and ARP attacks.  HTTPS web pages on targeted user can be decrypted, decoded and reconstructed. Username and password can also be obtained for Web Login.  Target User (Suspect) IP Address must be known or pre-configured in the setup of HTTPS/SSL Interception system.  Target Website Links (URLs) must also be pre-configured.  Concurrently attack up to 5 users (Optional for more users).  Apply to standard HTTPS/SSL traffic without additional security. To view encrypted content, a key is a needed

5 HTTPS/SSL Interception – By Proxy Method

6  HTTPS/SSL Interception by Proxy implementation.  Proxy pre-configured on the targeted user(s) ‘ Web Browser is required.  HTTPS/SSL Interception by Proxy implementation can supports other protocols capturing and reconstruction besides HTTPS/SSL traffic.  Some supported protocols are: Webmail (Yahoo Mail, Gmail, Hotmail etc.), IM (Yahoo, MSN, ICQ, IRC, QQ, Web MSN, Web Yahoo etc.), HTTP Web Browsing, P2P and Online Games).  Can be implemented to a group of users (more than 100 concurrent interception)  HTTPS/SSL decryption only apply to standard HTTPS/SSL traffic without additional security. To view encrypted content, a key is a needed

7 IM/Chat (Yahoo, MSN, ICQ, Gtalk, IRC, QQ, Web MSN, Web Yahoo) Webmail (Hotmail, Yahoo, Gmail etc.) HTTP (Link, Content, Reconstruct) File Transfer P2P Others Online Games HTTPS/SSL Interception – Proxy Implementation Protocols Supported

8 Sample: Webmail (Read and Sent)

9 Sample: IM (Yahoo, MSN, ICQ etc.)

10 Sample: HTTP Link and HTTP Content

11 References – Implementation Sites and Customers  Criminal Investigation Bureau  The Bureau of Investigation Ministry of Justice  National Security Agency (Bureau) in various countries  Intelligence Agency in various countries  Ministry of Defense in various countries  Counter/Anti Terrorism Department  National Police, Royal Police in various countries  Government Ministries in various countries  Federal Investigation Bureau in various countries  Telco/Internet Service Provider in various countries  Banking and Finance organizations in various countries  Others Notes: Due to confidentiality of this information, the exact name and countries of the various organizations cannot be revealed.

12 Decision Group For more information about HTTPS/SSL Interception system, please contact decision@decision.com.tw.decision@decision.com.tw Product demonstrations can be arranged.

Download ppt "E-Detective HTTPS/SSL Interception – MITM & Proxy Decision Group"

Similar presentations

Decision Group www.edecision4u.com Forensics Investigation Toolkit (FIT) Layer 7 Content Reconstruction Tool.

Decision Group Forensics Investigation Toolkit (FIT) Layer 7 Content Reconstruction Tool.
ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.

ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.
Working with the Internet

Working with the Internet
Page 1 / 18 Internet Traffic Monitor IM-1000. Page 2 / 18 Outline Product Overview Product Features Product Application Web UI.

Page 1 / 18 Internet Traffic Monitor IM Page 2 / 18 Outline Product Overview Product Features Product Application Web UI.
Remote User Authentication in Digital Libraries

Remote User Authentication in Digital Libraries
4.01 How Web Pages Work.

4.01 How Web Pages Work.
E-Detective Series of Products Presentation (2009) Decision Group www.edecision4u.com.

E-Detective Series of Products Presentation (2009) Decision Group
How the Internet Works Course Objectives Introduce the various web browsers Introduce some new terms Explain the basic Internet to PC hookup  ISP  Wired.

How the Internet Works Course Objectives Introduce the various web browsers Introduce some new terms Explain the basic Internet to PC hookup  ISP  Wired.
Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.

Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.
Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.

Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.
Wireless-Detective WLAN 802.11a/b/g/n Interception System Decision Group www.edecision4u.com.

Wireless-Detective WLAN a/b/g/n Interception System Decision Group
DECISION-COMPUTER INTERNATIONAL CO., LTD E-Detective Series of Products Decision Computer Group of Company Website:

DECISION-COMPUTER INTERNATIONAL CO., LTD E-Detective Series of Products Decision Computer Group of Company Website:
Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug 2013 - scotthel.me.

Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug scotthel.me.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
Network Forensics and Lawful Interception Total Solutions Provider

Network Forensics and Lawful Interception Total Solutions Provider
DECISION GROUP The Pioneer of IT Forensics Taipei, Germany, Hong Kong, Singapore.

DECISION GROUP The Pioneer of IT Forensics Taipei, Germany, Hong Kong, Singapore.
1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.

1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.
SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

Similar presentations

Ads by Google