[Bro] SSL Question

Ben Mixon-Baca bmixonb1 at cs.unm.edu
Wed Jun 8 19:33:53 PDT 2016


I am trying to determine if the prime being used is from apache's
mod_ssl. I didn't know if it was possible to use some field available in
the Cert record or another record to determine the prime implicitly
since they are public.

On 06/08/2016 07:01 PM, Slagell, Adam J wrote:
> I don’t think you mean to ask what you are asking. In regular DH over a finite field, the prime that determines the group is not even secret or terribly interesting.
> 
> Stepping back a bit, what are you trying to accomplish?
> 
> :Adam
>> On Jun 8, 2016, at 8:53 PM, Ben Mixon-Baca <bmixonb1 at cs.unm.edu> wrote:
>>
>> Does Bro make the server's prime it sent to a client in the diffie
>> hellman key exchange visible?
>>
>> For example, if a client on my network is talking to an apache server,
>> would I be able to print the prime the server sends to the client?
>> -- 
>> Ben
>>
>> _______________________________________________
>> Bro mailing list
>> bro at bro-ids.org
>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
> 
> ------
> 
> Adam J. Slagell
> Chief Information Security Officer
> Director, Cybersecurity Division
> National Center for Supercomputing Applications
> University of Illinois at Urbana-Champaign
> www.slagell.info
> 
> "Under the Illinois Freedom of Information Act (FOIA), any written communication to or from University employees regarding University business is a public record and may be subject to public disclosure." 
> 
> 
> 
> 
> 
> 
> 
> 

-- 
Ben

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160608/94f31ca0/attachment.bin 


More information about the Bro mailing list