
HEARTBLEED - THE OPENSSL HEARTBEAT EXPLOIT

HOW TLS (TRANSPORT LAYER SECURITY) WORKS

Client: Secure session request.
Server: Send certificate.
Client: Check certificate, get public key. Generate session key. Encrypt it with the server's public key.
Server: Decrypt session key with the server's private key.
Client and server: Secure communications with the session key.
Attacker: Heartbleed attack against the server, reaching sensitive data in the web server's memory.

HOW HEARTBEAT EXTENSION FOR TLS WORKS

Client: Send heartbeat request message carrying a payload (to make sure the peer is alive).
Server (vulnerable OpenSSL 1.0.1-1.0.1f): Extract payload & put it into response message.
Client: Make sure the received payload is the same.

HOW THE HEARTBLEED EXPLOIT WORKS

Client: Malformed heartbeat: small payload disguised as a big one.
Server: Extract payload & put it into response message. The payload is expected to be big, so the bucket gets other data too (memory data).
Client: Received heartbeat response containing memory data.
Vulnerable OpenSSL clients are also susceptible to attack from compromised servers.

SENSITIVE DATA FROM THE WEB SERVER'S MEMORY

TLS/SSL private keys
Authentication cookies
Passwords/credentials

Services communicating with the web server over TLS: social networks, internet banking, personal & corporate email, welfare/tax/health, finance/stock trade, online shopping.

NUMBER OF VULNERABLE WEBSITES AMONG TOP 10,000

8 April 2014, 4:00PM UTC    628
(15.5 hours later)
9 April 2014, 7:30AM UTC    301
(17 hours later)
10 April 2014, 12:30AM UTC  180

RECOMMENDATIONS FOR SERVER ADMINISTRATORS

Check & upgrade OpenSSL
Change passwords & keys (users & internal e.g. DB)
Apply IDS signatures
Buy a new TLS certificate & key pair

E: cyberresponse@baesystems.com
E: marketingai@baesystems.com
W: www.baesystems.com/ai
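As an added example (not part of the BAE Systems infographic), a Python simulation of the heartbeat handling described above: a vulnerable handler that trusts the claimed payload length, as OpenSSL 1.0.1-1.0.1f did, beside a fixed handler that discards any request whose claimed length does not fit the record actually received. The record layout helpers, the neighbouring heap bytes and all function names are constructed for illustration.

```python
import struct

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
MIN_PADDING = 16  # heartbeat messages carry at least 16 bytes of padding

# Constructed stand-in for whatever happens to sit next to the record in memory.
NEIGHBOURING_MEMORY = b"Cookie: session=deadbeef; password=hunter2\n"

def build_heartbeat(payload: bytes, claimed_len: int) -> bytes:
    """Encode a heartbeat request; claimed_len may differ from len(payload)."""
    return (bytes([HEARTBEAT_REQUEST]) + struct.pack(">H", claimed_len)
            + payload + b"\x00" * MIN_PADDING)

def response_payload(response: bytes) -> bytes:
    """What the peer gets back: the bytes the response's length field covers."""
    length = struct.unpack(">H", response[1:3])[0]
    return response[3:3 + length]

def vulnerable_handler(record: bytes, neighbour: bytes) -> bytes:
    """1.0.1-1.0.1f behaviour: copy payload_len bytes from the payload start,
    never checking that the record really is that long (the 'bucket')."""
    payload_len = struct.unpack(">H", record[1:3])[0]
    heap = record + neighbour                 # record followed by adjacent data
    payload = heap[3:3 + payload_len]         # over-reads past the record
    return (bytes([HEARTBEAT_RESPONSE]) + struct.pack(">H", payload_len)
            + payload + b"\x00" * MIN_PADDING)

def fixed_handler(record: bytes, neighbour: bytes):
    """1.0.1g behaviour: the claimed length must fit inside the record."""
    if len(record) < 1 + 2 + MIN_PADDING:
        return None                           # too short even for an empty payload
    payload_len = struct.unpack(">H", record[1:3])[0]
    if 1 + 2 + payload_len + MIN_PADDING > len(record):
        return None                           # claimed length exceeds record: discard
    payload = record[3:3 + payload_len]       # never reaches the neighbour bytes
    return (bytes([HEARTBEAT_RESPONSE]) + struct.pack(">H", payload_len)
            + payload + b"\x00" * MIN_PADDING)

def client_payload_matches(sent: bytes, response: bytes) -> bool:
    """The client-side check: the echoed payload must equal what was sent."""
    return response_payload(response) == sent

if __name__ == "__main__":
    honest = build_heartbeat(b"hello", 5)       # 5-byte payload, claims 5
    malformed = build_heartbeat(b"hello", 40)   # 5-byte payload, claims 40
    print(response_payload(vulnerable_handler(malformed, NEIGHBOURING_MEMORY)))
    print(fixed_handler(malformed, NEIGHBOURING_MEMORY))
```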

Copyright 2014 BAE Systems.


All Rights reserved. BAE SYSTEMS, the BAE SYSTEMS Logo and the product names referenced herein are trade marks of BAE Systems plc.
Other company names, trade marks or products referenced herein are the property of their respective owners and are used only to describe such companies, trade marks or products.
BAE Systems Applied Intelligence Limited is registered in England & Wales under company number 01337451 and has its registered office at Surrey Research Park, Guildford, England, GU2 7RQ.
