Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, instant messaging and other data transfers. There are slight differences between SSL and TLS, but the protocol remains substantially the same. The term "TLS" as used here applies to both protocols unless clarified by context. (http://en.wikipedia.org/wiki/Secure_Sockets_Layer)
SSL Man-in-the-Middle Attacks
SSL Man-in-the-Middle Attacks refer the MITM attacks through SSL/TLS channles. SSL/TLS was supposed to mitigate that risk for web transactions by providing endpoint authentication and encryption. However, it is discovered in late 2000 the feasibility of mounting a MITM attack on the protocol. One faulty SSL client implementation, Microsoft's Internet Explorer, allows for transparent SSL MITM attacks when the attacker has any CA-signed certificate. An even greater risk is posed by unprotected systems where an attacker can preload his/her own trusted root authority certificates. The mitigation for such attack is to properly configure client SSL that would warn the user about problems with the server certificate.
目前很多使用了Public Key的RAS,因此是有不小的难度的。
主要应该是使用Man in middle attack了。使用的工具是wireshark。
Look At All Of These Passwords!
http://blogs.ittoolbox.com/security/investigator/archives/look-at-all-of-these-passwords-11240
I'm trying to find a password with wireshark?
http://sg.answers.yahoo.com/question/index?qid=20071003163658AA5fMB8