CPC H04L 63/0428 (2013.01) [H04L 9/0891 (2013.01); H04L 63/0281 (2013.01); H04L 63/0464 (2013.01)] | 17 Claims
1. A network security device configured to monitor data traffic between a first device and a second device, the network security device comprising:
one or more processors; and
one or more non-transitory computer-readable media storing computer-executable instructions that, when executed by the one or more processors, cause the one or more processors to perform acts comprising:
sending first key information associated with the network security device to a domain name server configured to store the first key information in association with multiple domain names including a domain name associated with the second device, wherein the domain name server is configured to provide the first key information to the first device at least partly in response to the first device sending a request for an address associated with the second device; and
intercepting a first initial message of a first encrypted handshaking procedure for a first secure communication session between the first device and the second device, the first initial message specifying a hostname that has been encrypted using the first key information.