More discussion on that topic here: http://markmail.org/message/h7lobdh7ywcukxjg Frank From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Mark Semkiw
Sent: Wednesday, October 14, 2015 11:19 AM
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-users] dissecting HTTPS traffic It may not strictly be illegal but at our company we have taken the tack that we just don’t decrypt users traffic, especially sensitive usernames and passwords to sites like online banking and healthcare, it’s not worth the risk of an employee getting compromised and then coming back and saying that we had the data so we must have been the one’s that got compromised. I guess it’s more of a management decision, but I imagine depending on what country/state you are in there are also some legal issues to content with. Mark Semkiw, Senior Network Engineer From: <wireshark-users-bounces@xxxxxxxxxxxxx> on behalf of Noam Birnbaum
Reply-To: Community support list for Wireshark
Date: Tuesday, October 13, 2015 at 8:08 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] dissecting HTTPS traffic Mark, I'm curious about your statement that it's not legal to decrypt users' traffic without them being aware. Since companies are constantly asserting that they own all the data on their devices and network, why would a user's personal traffic, even if it's of a sensitive nature, be any different? On Tue, Oct 13, 2015 at 9:00 AM, Mark Semkiw <Mark.Semkiw@xxxxxxxxxxxxx> wrote: Because technically it’s not legal to decrypt users traffic without them being aware. It could reveal things like online banking passwords and such. We use PA firewalls and they have the ability to do SSL decryption but I can’t actually see the traffic, the firewall uses layer 7 inspection to and it’s own internal rule base/security signatures do decide if the traffic gets passed or not. Mark Semkiw, Senior Network Engineer From: <wireshark-users-bounces@xxxxxxxxxxxxx> on behalf of Noam Birnbaum
Reply-To: Community support list for Wireshark
Date: Monday, October 12, 2015 at 4:32 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] dissecting HTTPS traffic Curious, why wouldn't you recommend doing our own MITM attack? (And how would we do it?)
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
|