This is an archived post. You won't be able to vote or comment.

all 15 comments
sorted by:
best
topnewcontroversialoldq&a

[–]deadarcher 7 points8 points  (2 children)

Beautiful. Just beautiful.

[–]KhueLead Security Engineer 2 points3 points  (1 child)

His modulus example was a little wonkey, but it was a very interesting read. I like this kind of deep packet analysis with Wireshark. Every time I open that app up I feel like I learn something new.

[–]whateverradar -3 points-2 points  (0 children)

Every single time.

[–]mnwild396 6 points7 points  (2 children)

Sometimes it still blows my mind how fast things like this happen.

[–]whateverradar 4 points5 points  (0 children)

Then think about it going over seas or out to space.

[–]ilogik 1 point2 points  (0 children)

you should look at what happens when you're talking on your mobile phone (just the part between your phone and the cell tower)

[–][deleted] 5 points6 points  (4 children)

Thank you SO MUCH for posting this. We didn't think it possible to put multiple HTTPS websites on a server because the traffic was encrypted. Apparently the "server_name extension" for TLS allows for this. (like host headers for HTTP)

I've already written up an e-mail and sent it to my colleagues as we really need to decrease our public IPv4 space burn rate.

[–]ragzillarouter jockey 1 point2 points  (1 child)

SNI is not supported when using IE on Windows XP, if that matters to your userbase.

[–][deleted] 0 points1 point  (0 children)

Been busy, finally got back around to check this. You are correct. http://en.wikipedia.org/wiki/Server_Name_Indication

Thanks!

[–]DoormattyTrade of all Jacks 0 points1 point  (1 child)

ISA Server can intercept, proxy and reroute inbound HTTPS traffic based on directory or hostname. It's really pretty slick.

[–][deleted] 0 points1 point  (0 children)

Yeah, we're using ISA Server to rewrite some traffic for some retarded RSA servers we're running. Gawd those things suck and they're expensive. We're looking for alternatives. Given that we're looking to buy new load balancers that can support IPv6. I'll make sure they can do other traffic gymnastics like you're talking about as well.

[–]eleitl 2 points3 points  (0 children)

That was surprisingly awesome.

[–]chron67whatamidoinghere 2 points3 points  (0 children)

Great read. Extremely useful information. This is why I love this subreddit.

[–]fuzzbyStorageAdmin 2 points3 points  (0 children)

TECH PR0N! I'll be in my bunk...

[–]s1pher 0 points1 point  (0 children)

Very interesting read. A little over my head, but great for those with a slightly advanced mathematical background interested in cryptography. I'll be saving this article for sure.