SSL Attack Vector #1

2 minutes
Share the link to this page
Copied
  Completed
You need to have access to the item to view this lesson.
One-time Fee
$69.99
List Price:  $99.99
You save:  $30
€67.23
List Price:  €96.05
You save:  €28.81
£54.79
List Price:  £78.28
You save:  £23.48
CA$100.29
List Price:  CA$143.28
You save:  CA$42.98
A$112.09
List Price:  A$160.13
You save:  A$48.04
S$94.52
List Price:  S$135.03
You save:  S$40.51
HK$543.88
List Price:  HK$777
You save:  HK$233.12
CHF 61.94
List Price:  CHF 88.49
You save:  CHF 26.55
NOK kr788.73
List Price:  NOK kr1,126.80
You save:  NOK kr338.07
DKK kr502.03
List Price:  DKK kr717.22
You save:  DKK kr215.19
NZ$123.81
List Price:  NZ$176.87
You save:  NZ$53.06
د.إ257.07
List Price:  د.إ367.26
You save:  د.إ110.18
৳8,350.53
List Price:  ৳11,929.84
You save:  ৳3,579.31
₹5,977
List Price:  ₹8,538.94
You save:  ₹2,561.93
RM314.04
List Price:  RM448.65
You save:  RM134.61
₦108,176.53
List Price:  ₦154,544.52
You save:  ₦46,367.99
₨19,454.09
List Price:  ₨27,792.76
You save:  ₨8,338.66
฿2,391.55
List Price:  ฿3,416.65
You save:  ฿1,025.10
₺2,463.31
List Price:  ₺3,519.17
You save:  ₺1,055.85
B$446.27
List Price:  B$637.56
You save:  B$191.28
R1,312.34
List Price:  R1,874.85
You save:  R562.51
Лв131.59
List Price:  Лв188
You save:  Лв56.40
₩101,993.60
List Price:  ₩145,711.39
You save:  ₩43,717.78
₪255.42
List Price:  ₪364.90
You save:  ₪109.48
₱4,105.61
List Price:  ₱5,865.41
You save:  ₱1,759.80
¥11,000.67
List Price:  ¥15,715.92
You save:  ¥4,715.24
MX$1,411.29
List Price:  MX$2,016.21
You save:  MX$604.92
QR254.14
List Price:  QR363.08
You save:  QR108.93
P970.50
List Price:  P1,386.50
You save:  P415.99
KSh9,031.50
List Price:  KSh12,902.70
You save:  KSh3,871.20
E£3,557.88
List Price:  E£5,082.90
You save:  E£1,525.02
ብር8,897.26
List Price:  ብር12,710.92
You save:  ብር3,813.65
Kz63,830.88
List Price:  Kz91,190.88
You save:  Kz27,360
CLP$69,240.40
List Price:  CLP$98,919.10
You save:  CLP$29,678.70
CN¥510.85
List Price:  CN¥729.82
You save:  CN¥218.97
RD$4,256.60
List Price:  RD$6,081.12
You save:  RD$1,824.52
DA9,455.74
List Price:  DA13,508.78
You save:  DA4,053.03
FJ$162.28
List Price:  FJ$231.84
You save:  FJ$69.55
Q538.26
List Price:  Q768.97
You save:  Q230.71
GY$14,619.81
List Price:  GY$20,886.35
You save:  GY$6,266.53
ISK kr9,767.10
List Price:  ISK kr13,953.60
You save:  ISK kr4,186.50
DH704.68
List Price:  DH1,006.73
You save:  DH302.05
L1,289.28
List Price:  L1,841.91
You save:  L552.62
ден4,135.94
List Price:  ден5,908.74
You save:  ден1,772.79
MOP$559.01
List Price:  MOP$798.63
You save:  MOP$239.61
N$1,299.34
List Price:  N$1,856.28
You save:  N$556.93
C$2,571.30
List Price:  C$3,673.45
You save:  C$1,102.14
रु9,517.06
List Price:  रु13,596.38
You save:  रु4,079.32
S/260.20
List Price:  S/371.74
You save:  S/111.53
K283.61
List Price:  K405.18
You save:  K121.56
SAR262.82
List Price:  SAR375.47
You save:  SAR112.65
ZK1,933.89
List Price:  ZK2,762.82
You save:  ZK828.92
L334.85
List Price:  L478.38
You save:  L143.52
Kč1,692.49
List Price:  Kč2,417.95
You save:  Kč725.45
Ft27,633.93
List Price:  Ft39,478.73
You save:  Ft11,844.80
SEK kr761.65
List Price:  SEK kr1,088.11
You save:  SEK kr326.46
ARS$71,885.87
List Price:  ARS$102,698.50
You save:  ARS$30,812.63
Bs482.86
List Price:  Bs689.84
You save:  Bs206.97
COP$308,852.42
List Price:  COP$441,236.66
You save:  COP$132,384.23
₡35,480.70
List Price:  ₡50,688.88
You save:  ₡15,208.18
L1,775.44
List Price:  L2,536.46
You save:  L761.01
₲544,980.94
List Price:  ₲778,577.57
You save:  ₲233,596.63
$U3,110.44
List Price:  $U4,443.67
You save:  $U1,333.23
zł286.56
List Price:  zł409.39
You save:  zł122.83
Already have an account? Log In

Transcript

In this section we will be talking about SSL floats and how to mitigate them. Basically, how an SSL float works is an attacker establishes the TLS station, which is the SSL session basically done right after the establishment, he terminates it and repeats the process all over again. And this process exhausts to server because establishment of such TLS Connections is quite costly for the server. against those attacks in most cases, firewalls cannot help because the three way handshake is already established. In other words, this is dumb. The shipment of TLS session happens after the three way handshake on TCP IP model application layer.

Therefore, in most cases for such attacks, firewalls cannot help. How we can detect this basically, you can filter on TCP port 443, which is port for HTTPS, and you can count the number of sessions afterwards. And if you want to find out more information per session, you can just right click on one of the findings and follow the TCP stream. And of course, how to mitigate that. by tracking the number of SSL sessions and setting thresholds permanent, you can do it per source or per the combination of source and destination depending on your infrastructure. The most important thing is to track the number of SSL sessions and set appropriate thresholds.

And when the number exceeds them, you just need to block the source from establishing new connections. Another important thing for mitigation is, if possible, terminating SSL at your load balancer. Or if you are using a CDN at its load balancer, that your servers it will help you a lot during a DDoS attack. This will give you more flexibility while mitigating the DDoS attack. As it will prevent your server from being affected. So instead of terminating the SSL at your server, if you have a load balancer deployed, try to use your load balancer for the same purpose.

Sign Up

Share

Share with friends, get 20% off
Invite your friends to LearnDesk learning marketplace. For each purchase they make, you get 20% off (upto $10) on your next purchase.