Bitcoin Forum>Other>Meta
Pages:
Author

Topic: Today's Man-In-The-Middle (Read 4563 times)

theymos
administrator
Activity: 5222
Merit: 13032
Today's Man-In-The-Middle
August 28, 2014, 06:57:51 PM
#24
Quote from: Raize on August 26, 2014, 10:51:53 AM
I have a SHA1 thumbprint for a 7/7/2014 certificate verified by Rapid SSL of the following:
7b:cf:43:ce:3b:6a:9e:78:62:81:76:6f:9a:71:7a:da:e2:7c:37:c6

Is this correct? I see references to a different cert in this thread. Sorry for the necro, I just thought it might be good to reference why I was posting rather than doing a new thread about it.

https://bitcointalksearch.org/topic/new-https-keys-568146

Quote from: Kluge on August 26, 2014, 09:29:58 PM
Does the thumbprint change if cert is renewed??

No.
Kluge
donator
Activity: 1218
Merit: 1015
Re: Today's Man-In-The-Middle
August 26, 2014, 09:29:58 PM
#23
Quote from: Raize on August 26, 2014, 10:51:53 AM
I have a SHA1 thumbprint for a 7/7/2014 certificate verified by Rapid SSL of the following:
7b:cf:43:ce:3b:6a:9e:78:62:81:76:6f:9a:71:7a:da:e2:7c:37:c6

Is this correct? I see references to a different cert in this thread. Sorry for the necro, I just thought it might be good to reference why I was posting rather than doing a new thread about it.
Yep, that's what I have. Issued on July 7th. Connecting directly to server IP address provides same. Does the thumbprint change if cert is renewed??
Raize
donator
Activity: 1419
Merit: 1015
Re: Today's Man-In-The-Middle
August 26, 2014, 10:51:53 AM
#22
I have a SHA1 thumbprint for a 7/7/2014 certificate verified by Rapid SSL of the following:
7b:cf:43:ce:3b:6a:9e:78:62:81:76:6f:9a:71:7a:da:e2:7c:37:c6

Is this correct? I see references to a different cert in this thread. Sorry for the necro, I just thought it might be good to reference why I was posting rather than doing a new thread about it.
devthedev
legendary
Activity: 1050
Merit: 1004
Re: Today's Man-In-The-Middle
December 02, 2013, 07:53:12 PM
#21
I wonder which resource on the page is not secure...
jackjack
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
Re: Today's Man-In-The-Middle
December 02, 2013, 07:18:27 PM
#20
Quote from: wachtwoord on December 02, 2013, 07:16:40 PM
Quote from: jackjack on December 02, 2013, 07:10:31 PM
Click on the padlock, then try to find it

The little lock in the address bar indicating it uses https (SSL)
Yeah sorry I should have clarified that
wachtwoord
legendary
Activity: 2324
Merit: 1125
Re: Today's Man-In-The-Middle
December 02, 2013, 07:16:40 PM
#19
Quote from: jackjack on December 02, 2013, 07:10:31 PM
Click on the padlock, then try to find it

The little lock in the address bar indicating it uses https (SSL)
jackjack
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
Re: Today's Man-In-The-Middle
December 02, 2013, 07:10:31 PM
#18
Click on the padlock, then try to find it
Phinnaeus Gage
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
Re: Today's Man-In-The-Middle
December 02, 2013, 07:09:20 PM
#17
Quote from: jarhed on December 02, 2013, 07:06:04 AM
Quote from: Kluge on December 02, 2013, 06:54:59 AM
Yeah. You can double-check the SSL certificate if you want. SHA1 fingerprint should be 29 0e cc 82 2b 3c ce 0a 73 94 35 a0 26 15 ec d3 eb 1f 46 6b

All letters in my SHA1 fingerprint are full Caps.
29 0E CC 82 2B 3C CE 0A 73 94 35 A0 26 15 EC D3
EB 1F 46 6B

Let's pretend for a sec that I don't have a clue as to where to look for the above. Remember, we're only pretending, but any help would be appreciated by those who don't know how to pretend.

~TMIBTCITW
jarhed
sr. member
Activity: 672
Merit: 254
Re: Today's Man-In-The-Middle
December 02, 2013, 07:38:46 AM
#16
Quote from: CIYAM on December 02, 2013, 07:21:09 AM
Quote from: jarhed on December 02, 2013, 07:06:04 AM
All letters in my SHA1 fingerprint are full Caps.

Caps is not relevant for the hash value when it's displayed as hex (i.e. it can be shown using either upper or lower case letters but is still the same hash value regardless).


Thanx.



CIYAM
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Re: Today's Man-In-The-Middle
December 02, 2013, 07:21:09 AM
#15
Quote from: jarhed on December 02, 2013, 07:06:04 AM
All letters in my SHA1 fingerprint are full Caps.

Caps is not relevant for the hash value when it's displayed as hex (i.e. it can be shown using either upper or lower case letters but is still the same hash value regardless).
wachtwoord
legendary
Activity: 2324
Merit: 1125
Re: Today's Man-In-The-Middle
December 02, 2013, 07:12:02 AM
#14
Quote from: Kluge on December 02, 2013, 06:54:59 AM
Quote from: wachtwoord on December 02, 2013, 06:51:01 AM
I logged on just now via the ip 109.201.133.195 then everything should be peachy right?
Yeah. You can double-check the SSL certificate if you want. SHA1 fingerprint should be 29 0e cc 82 2b 3c ce 0a 73 94 35 a0 26 15 ec d3 eb 1f 46 6b

Thanks, it checks out Smiley
jarhed
sr. member
Activity: 672
Merit: 254
Re: Today's Man-In-The-Middle
December 02, 2013, 07:06:04 AM
#13
Quote from: Kluge on December 02, 2013, 06:54:59 AM
Yeah. You can double-check the SSL certificate if you want. SHA1 fingerprint should be 29 0e cc 82 2b 3c ce 0a 73 94 35 a0 26 15 ec d3 eb 1f 46 6b

All letters in my SHA1 fingerprint are full Caps.
29 0E CC 82 2B 3C CE 0A 73 94 35 A0 26 15 EC D3
EB 1F 46 6B
Kluge
donator
Activity: 1218
Merit: 1015
Re: Today's Man-In-The-Middle
December 02, 2013, 06:54:59 AM
#12
Quote from: wachtwoord on December 02, 2013, 06:51:01 AM
I logged on just now via the ip 109.201.133.195 then everything should be peachy right?
Yeah. You can double-check the SSL certificate if you want. SHA1 fingerprint should be 29 0e cc 82 2b 3c ce 0a 73 94 35 a0 26 15 ec d3 eb 1f 46 6b
wachtwoord
legendary
Activity: 2324
Merit: 1125
Re: Today's Man-In-The-Middle
December 02, 2013, 06:51:01 AM
#11
I logged on just now via the ip 109.201.133.195 then everything should be peachy right?
Sindelar1938
hero member
Activity: 490
Merit: 500
Re: Today's Man-In-The-Middle
December 02, 2013, 05:28:12 AM
#10
I just changed my password and other settings
Anything else that I need to do to be safe?
Thanks for any input
maurya78
hero member
Activity: 490
Merit: 500
Re: Today's Man-In-The-Middle
December 02, 2013, 04:54:26 AM
#9
you are right, hadn't noticed that the end date is in the future

Very interesting
justusranvier
legendary
Activity: 1400
Merit: 1013
Re: Today's Man-In-The-Middle
December 02, 2013, 12:23:23 AM
#8
extortion
full member
Activity: 141
Merit: 100
Re: Today's Man-In-The-Middle
December 02, 2013, 12:21:43 AM
#7
Was the Hacker Named Robert DROP TABLES?
anti-scam
sr. member
Activity: 476
Merit: 251
COINECT
Re: Today's Man-In-The-Middle
December 02, 2013, 12:07:43 AM
#6
Quote from: theymos on December 01, 2013, 11:53:14 PM
Quote from: anti-scam on December 01, 2013, 11:51:29 PM
Was this attack only a MitM to steal passwords or was malicious content served? I've read reports of suspicious Java applets.

There was only one report of that, and I think that he was probably thinking of JavaScript. CloudFlare has an error page that asks you to enable JS so it can more accurately fingerprint you.

Well I had a random browser crash after being served an odd page when accessing the site (though I don't have Java or JS enabled) but it must have been a coincidence.
theymos
administrator
Activity: 5222
Merit: 13032
Re: Today's Man-In-The-Middle
December 01, 2013, 11:53:14 PM
#5
Quote from: anti-scam on December 01, 2013, 11:51:29 PM
Was this attack only a MitM to steal passwords or was malicious content served? I've read reports of suspicious Java applets.

There was only one report of that, and I think that he was probably thinking of JavaScript. CloudFlare has an error page that asks you to enable JS so it can more accurately fingerprint you.
Pages:
Bitcoin Forum>Other>Meta
Jump to: