Yeah it would see it as coming from the iRex. Why don't you test it by sniffing another PC and then running a HTTPS site. You will get a message that the certificate is not valid (because our fake is not signed e.g. by Thawte), but if you look at the details of the certificate, you see its the one that's originally coming from the server. If you want to make the attack perfectly undistinguishable, you'd have to use a signed certificate.
I don't exactly know how you tried an ssl proxy program on the iLiad.
|