The following link supports a TLS 1.3 MiTM test checker https://tls13.mitm.watch/
The results and test identifier is listed in the output;
test1
Here's the same test when I have re-enabled my TLS decryption device on my network that does not support TLS v1.3
test2
So keep in mind for the 2nd test , I have the same ; host ( browser ) , the same network, but the TLS inspection device does not support TLS v1.3.
NOTE: if you suspect a MiTM device is inspecting your TLS traffic confirm the cert issuer for the web-server . Reference how to use "crt.sh" to find all listed issues for website certificates that are using known public CAs. If your issues string does NOT match the listed string in "crt.sh" , than a MiTM device is installed and probably decrypting. This is why SSL/TLS does not really mean your 100% protected, since the average end-users see a padlock and think they are secured. A MiTM device could be plant in between you and the web-site and unless you know what to look at and look for, you would have no clue.
http://socpuppet.blogspot.com/2017/10/howto-find-certificate-issued-against.html
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment