Differences

This shows you the differences between two versions of the page.

--- kaspersky_ssl [2017/08/31 09:35]
eServices Greece
+++ kaspersky_ssl [2017/08/31 12:28] (current)
eServices Greece
@@ Line 1: / Line 1: @@
 {{tag>security kav kaspersky antivirus}} {{howhard>1}}
 ===== Kaspersky Antivirus SSL Interception =====
-KAV has a "feature" that will intercept all <wrap em>https://.</wrap> traffic so that it can inspect it. In order to do that it essentially breaks the secure path between your client and the web service you visit by in effect doing a MITM "attack". Your client will always see the KAV SSL certificate (which has an expiration date of decades in the future...) and your "secure" connection will effectively be proxied by the Antivirus to the site. Excluding all the **severe** security implications this will also not allow you to inspect the actual sites certificate.
+KAV has a "feature" that will intercept all <wrap em>https://.</wrap> traffic so that it can inspect it. In order to do that it essentially breaks the secure path between your client and the web service you visit by in effect doing a MITM "attack". Your client will always see the KAV SSL certificate (which has an expiration date of decades in the future...) and your "secure" connection will effectively be proxied by the Antivirus to the site. Excluding all the **severe** security implications, this will also not allow you to inspect the actual sites certificate.
+==== Connection Flowchart ====
+{{ :misc:ssl-normalvskav.png?nolink& |}}
+[[http://d.esgr.xyz/file/mo3lAmpoGd21iOf9/sjpoKIOh456jPs8b/ssl-normalvskav.svg|SVG]]
 ==== Disable SSL Interception ====
 Right Click on the Icon in KAV on your taskbar -> Settings -> Additional -> Network -> Do not scan encrypted connections
+{{ :misc:kav-ssl.jpg?nolink& |}}