Tuesday, December 8, 2020

What are the dangers of using a self signed certificate on a firewall?

I'm in the market for a small business firewall and I came upon a reasonably priced device but the hardware uses a "self signed security certificate". I'm reading information that this is extremely dangerous because it exposes the network traffic to a MitM attack with https websites since there's a security warning the user must bypass and that traffic can be intercepted and used to obtain the self signed certificate to generate a fake certificate. Then it allows the third party to read and modify all data sent to or from the website by the target user...

How dangerous is this? How easy is this attack to accomplish? How skilled would someone have to be to accomplish this? Would this be novice teenage hacker wannabe level by just downloading some programs off the internet ... this like white-hat pro level ... or NSA level and it's not as easy as the network crime dramas make it out to be?

If my employees were accessing normal office data such as PDF files & downloading/uploading documents and spreadsheets to a central server, could this MitM be used to change those files? Could they change the data when it's passing between the terminal and the server with the files appearing unchanged and signed like nothing happened?


