Re: SSL DOS Hacking tool released, the onslaught continues

Fri, 28 Oct 2011 13:00:03 -0700 

Thanks, EZ

* *

*ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of
Technology for the SMB market…

*



On Fri, Oct 28, 2011 at 3:50 PM, Ziots, Edward <[email protected]> wrote:

> --Hacker Tool Launches DoS Attack Against SSL Server With One Laptop
> (October 25, 2011) A group called The Hackers Choice has released a tool
> that can launch a denial-of-service attack against an HTTPS web server with
> just one laptop over a DSL connection. The tool exploits the SSL
> renegotiation feature to overwhelm the server. The Hackers Choice members
> recommend disabling SSL renegotiation. One of the members points to a series
> of issues with SSL that have become evident over the past few years,
> including a very high percentage of SSL-based sites that are not properly
> configured and the problems inherent in "giving hundreds of commercial
> companies (so-called Certificate Authorities) a master key to ALL SSL
> traffic."****
>
>
> http://www.darkreading.com/authentication/167901072/security/vulnerabilities/231901641/index.html?itc=edit_stub
> ****
>
>
> http://www.h-online.com/security/news/item/New-denial-of-service-tool-knocks-out-encrypting-servers-1366564.html
> ****
>
> ** **
>
> EZ****
>
> ** **
>
> Edward E. Ziots****
>
> CISSP, Network +, Security +****
>
> Security Engineer****
>
> Lifespan Organization****
>
> Email:[email protected]****
>
> Cell:401-639-3505****
>
> [image: CISSP_logo]****
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to [email protected]
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin

<<image001.jpg>>

Reply via email to