What version of TLS are your servers using?

September 27th, 2011 | Security | No Comments »

A new hacking tool called BEAST cracks TLS 1.0/ SSL in under 10 minutes.

The attack is very specific and the attacker needs access to the network, however most servers are using version 1.0 of TLS required for the crack to work.

More details at the H Security. The cracker debuted the exploit at ekoparty September 20.

You can check the version of your TLS/SSL by running

openssl s_client -connect server.com:443 -[sslversion]

use ssl3, ssl2, tls1, dtls1 for [sslversion] to verify versions from an openssl enabled machine…

Tags: attacks, criminal hacking, cybersecurity, encryption, Security, SSL, tsl

dogecoin, the new world currency

Health Technology Forum Dallas/Fort Worth

Bar to Grab Medicare Incentives for Meaningful Use of EHR Extended

Decrease in hacked records points to craftier attacks, not better security

What version of TLS are your servers using?

If you enjoyed this article, get new ones by email (it's free).

Leave a Reply

Get updates (it's free).

Wired Security

Security Magazine Cyber Security

Security Magazine Healthcare

Cyber Security Case Studies

Archives

reader locate