Skip to main content

Sweet32 - Vulnerbility

By Er.Susheel

Recently there was another Vulnerability grab My attention which was related to DES and Tripple DES (3DES) , Any men in the middle can exploit this vulnerability by capturing large amount of encrypted data and thus recover plain text sensitive data.

Severity: Medium
CVE Number: CVE-2016-2183


For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com

Remediation : You need to disable any ciphers starting with DES and 3DES supported by Server by any service present on server for example

  • Apache
  • Nginx etc
 
Important Point to Remember : 1 :
 
Normally old browser don't supports DES and 3DES ciphers. It is very important to note that in many cases, a software update (back-ported version provided by Operating System vendor ) won't be enough to resolve this issue. Usually software update doesn't overwrite manually tweaked configuration files, which means, DES/3DES can be still available, even if the software update disables them by default.   

                                                      
Important Point to Remember : 2 : 
 On Windows 7/10 systems running RDP (Remote Desktop Protocol), the vulnerable cipher that should be disabled is labeled 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'.   

 
Important Point to Remember : 3 :
  
Please limit the number of requests client can make in a single TLS session and / or the keep-alive timeout value, If disabling 64 bit block ciphers is not possible. 

====================================X============X=================================================

Contact support@linuxforeveryone for any Freelancing work on Linux Servers

Subscribe my YouTube Channel 

Like My Facebook Page 

Browse the Best in class Web Hosting Plans
Labels:
Location: India

Comments

Post a Comment

Popular posts from this blog

Solution and Step to fix CVE-2019-5736 Vulnerability - Docker

By Linux For Every One
Recently a new vulnerability has been discovered in the the internet market having target to Docker services. What is this Vulnerability: In short, Docker service uses another service called as runc which is container run time to spawn and run containers. which simply means if docker task is to create docker images then runc task would be running them and attaching a process to container. So as per the recent discovery by the maintainers of runc, the code of this service was having some bug which can be used by attackers to gain the root level of access of the host machine on which docker containers are running. How it can be Exploited: This vulnerability can be exploited in two ways (1) if the docker images are in use is vulnerable making the containers build from it vulnerable also (2) if somehow attacker got the access of containers and then trying to exploit using the bug present in runc and trying to get root privileges. Solution to Fix Vulnerability: Ce
1 comment
Read more

How to Generate CSR using Openssl in Linux

By Er.Susheel
Before Generating CSR ,let see what is Openssl. It is nothing but a core library ,which is used for general purpose in cryptography,it is an open source product which work towards the implementation of SSL and TLS protocols. Talking about openssl, some people called the certificates generated from openssl as "self signed certificate". lets go towards now,creating CSR and private key using openssl command, Just log in to any of your Linux box and run following command as  root user  replacing the required information as per your need . [root@SVR home]#   openssl req -new -newkey  rsa:2048 -nodes -sha256 -out domain_name.csr -keyout domain_name.key -subj "/C=US/ST=state/L=locality/O=organization/OU=organization unit Dept/CN=www.domain.com"  You will get output like : Then check whether ,all the information we have entered ,while creating CSR is proper ,by decoding the CSR from some online tool. First do the cat to the csr file [root@SVR home]#  cat
1 comment
Read more

Multiple instances of redis

By Er.Susheel
In the last post I have covered how to install redis server on Centos/Rhel using rpm method and yum method and some troubleshooting skills. In this post i am going to cover how to install and configure redis to run with multiple ports.                                                                           But why we need more ports ? If you have read my earlier post , you already know that by default redis runs on single port 6379, which any one can use it for small website to cache the data. But for heavy website like magento we need to use additional ports along with 6379 to serve different cache from different ports. Like in Magento there is simple cache which is normally stored under /var/cache directory. Then there is Full Page Cache which is stored under /var/full_page_cache and session cache which is stored under /var/session_cache. Note : Discussion about cache/full page cache/session is not under the scope for this document.                      
35 comments
Read more