Southwest Airlines captive portal

[frnkblk at iname.com (Frank Bulk)]

I was MITMed, but not maliciously, but by Southwest Airline?s system (which uses Row44).   The site doesn?t have to be pinned for a browser to throw up a warning about the SSL certificate not matching the URL.

 

I did connect with an SWA employee.

 

Frank

 

From: Paras Jha [mailto:paras at protrafsolutions.com] 
Sent: Saturday, February 27, 2016 5:09 PM
To: Damien Burke <damien at supremebytes.com>
Cc: Frank Bulk <frnkblk at iname.com>; nanog at nanog.org
Subject: Re: Southwest Airlines captive portal

 

You got MITM'd

 

On Sat, Feb 27, 2016 at 1:57 PM, Damien Burke <damien at supremebytes.com <mailto:damien at supremebytes.com> > wrote:

You should change your paypal password.


-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org <mailto:nanog-bounces at nanog.org> ] On Behalf Of Frank Bulk
Sent: Saturday, February 27, 2016 10:27 AM
To: nanog at nanog.org <mailto:nanog at nanog.org> 
Subject: Southwest Airlines captive portal

Anyone from Southwest Airlines on this list?

On a recent flight I discovered I couldn't complete payment through PayPal because my web browsers properly noticed that the Southwest Airlines SSL certificate that the captive portal was giving for PayPal didn't match up.
=)  I had to create an exception for PayPal just to complete payment.

Frank