Re: [gentoo-user] Re: 'Heartbleed' bug
140410 walt wrote: Anyone here really understand the underlying principles? There's an excellent description of the bug + the fix here : http://blog.cryptographyengineering.com/2014/04/attack-of-week-openssl-heartbleed.html -- ,, SUPPORT ___//___, Philip Webb ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto TRANSIT`-O--O---' purslowatchassdotutorontodotca
Re: [gentoo-user] Re: 'Heartbleed' bug
On 11/04/2014 00:55, walt wrote: On 04/09/2014 05:06 PM, Joseph wrote: Is gentoo effected by this new 'Heartbleed' bug? The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library http://heartbleed.com/ This topic was discussed in my favorite podcast, http://twit.tv/sn Steve Gibson explained that the heartbeat feature was introduced in openssl to allow *UDP* connections to mimic the 'keepalive' function of the TCP protocol. IIRC Steve didn't explain how UDP bugs can compromise TCP connections. Anyone here really understand the underlying principles? If so, please explain! Thanks. UDP is not compromising TCP connections. The software bug allows malicious connecting code to determine the contents of memory, which is in use by sshd. How that memory got to be there is irrelevant. There are many lengthy discussions on the internet on how this vuln works. You should read them. -- Alan McKinnon alan.mckin...@gmail.com
Re: [gentoo-user] Re: 'Heartbleed' bug
On Thu, Apr 10, 2014 at 03:55:47PM -0700, walt wrote: On 04/09/2014 05:06 PM, Joseph wrote: Is gentoo effected by this new 'Heartbleed' bug? The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library http://heartbleed.com/ This topic was discussed in my favorite podcast, http://twit.tv/sn Steve Gibson explained that the heartbeat feature was introduced in openssl to allow *UDP* connections to mimic the 'keepalive' function of the TCP protocol. IIRC Steve didn't explain how UDP bugs can compromise TCP connections. Anyone here really understand the underlying principles? If so, please explain! Thanks. Yes, but no, actually. It's main use is in DTLS, over UDP and similar protocols, however it is also supported in TLS (over TCP). From the RFC [0]: DTLS is designed to secure traffic running on top of unreliable transport protocols. Usually, such protocols have no session management. The only mechanism available at the DTLS layer to figure out if a peer is still alive is a costly renegotiation, particularly when the application uses unidirectional traffic[...] TLS is based on reliable protocols, but there is not necessarily a feature available to keep the connection alive without continuous data transfer. The Heartbeat Extension as described in this document overcomes these limitations. So the heartbeat in [D]TLS, as implemented in OpenSSL, is standard-compliant. It's more useful in datagram communication (i.e. UDP, connectionless) but it is available for connection-oriented protocols (i.e. TCP), as well. It was the TLS heartbeat-implementation that suffered from this vulnerability. You can see the patch-fix here[1], if you're interested. [0] https://tools.ietf.org/html/rfc6520 [1] https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=96db9023b881d7cd9f379b0c154650d6c108e9a3
Re: [gentoo-user] Re: 'Heartbleed' bug
On 4/10/2014 6:59 PM, Alan McKinnon wrote: Steve Gibson explained that the heartbeat feature was introduced in openssl to allow *UDP* connections to mimic the 'keepalive' function of the TCP protocol. IIRC Steve didn't explain how UDP bugs can compromise TCP connections. Anyone here really understand the underlying principles? If so, please explain! Thanks. UDP is not compromising TCP connections. The software bug allows malicious connecting code to determine the contents of memory, which is in use by sshd. How that memory got to be there is irrelevant. There are many lengthy discussions on the internet on how this vuln works. You should read them. While there may be many OpenSSL experts on this list, I believe that the BEST source of information on this bug, how it works, what it does, and so forth would be the OpenSSL mailing lists. The official Heartbleed web page has some information on it that is a good beginning for researching this bug, the the lists I mentioned above are probably the best source of information, after you understand the basics from the web page. Chris Walters
Re: [gentoo-user] Re: 'Heartbleed' bug
Hi, On 04/11/2014 12:55 AM, walt wrote: Steve Gibson explained that the heartbeat feature was introduced in openssl to allow *UDP* connections to mimic the 'keepalive' function of the TCP protocol. IIRC Steve didn't explain how UDP bugs can compromise TCP connections. Anyone here really understand the underlying principles? If so, please explain! yes, a TCP connection is stateful, so imho heartbeat is not necessary. But you don't always speak UDP or TCP. Imagine some sort of direct connection without any type of transportation layer. As a generic cryptographic library, OpenSSL is designed to be adaptable and universal. That broke OpenSSL's neck. We only can hope, that the heartbeat exploit was not widely used before they published that zero-day. But we can be sure, that this is not going to be the last vulnerability of this kind. Regards Ralf
