Holy molly, is this firm evidence of a MITM being done on me?
-
I am aggregating the bandwidth from 2 ISP's using multiwan. Just tried to add a package and when I clicked on Packages I got a display that looked like the attachment.
Is this definitive evidence of a man in the middle attack being done on me (or your server)?
![mitm evidence on pfsense.jpg](/public/imported_attachments/1/mitm evidence on pfsense.jpg)
![mitm evidence on pfsense.jpg_thumb](/public/imported_attachments/1/mitm evidence on pfsense.jpg_thumb) -
Not 100% certain. Possible, sure, but not certain.
What version of pfSense is that? It could be that it doesn't trust the CA/Cert used on our server for some reason, or your clock could be wrong, or who knows what.
-
what is the FQDN that is checked? Should be able to just use openssl to check the details of the cert, etc.