Encryption of Streams
•SSL/TLS, SSH, VPN
technologies
•Nothing is “solved” if the
implementation is wrong, or the end points are insecure
–Bad
passwords
–Vulnerable
daemons wrapped in SSL (e.g. Metasploit is SSL-aware)
•Attackers have been known to
“sniff” for encrypted traffic, then attack the endpoints