OpenSSL DROWN溺亡漏洞的检测及修复方法
来源:互联网 发布:如何看淘宝等级 编辑:程序博客网 时间:2024/04/30 13:57
一、漏洞描述: 现在流行的服务器和客户端使用TLS加密,SSL和TLS协议保证用户上网冲浪,购物,即时通信而不被第三方读取到。DROWN(溺亡)漏洞允许攻击者破坏这个加密体系,通过“中间人劫持攻击”读取或偷取敏感通信,包括密码,信用卡帐号,商业机密,金融数据等。
二、漏洞影响:
大部分支持SSLv2的服务器均会受到该漏洞影响,比如启用了ssl、tls加密的web服务器、邮件服务器。
三、检测方法:
你也可使用检测工具检查,下载地址:
https://github.com/nimia/public_drown_scanner
四、修复方法:
确保你的私钥不适用于其他的支持sslv2服务,包括web,smtp,imap,pop服务等。禁止服务器端的sslv2支持。如果是Openssl,请查看OpenSSL官方给出的修复指南。
https://www.openssl.org/blog/blog/2016/03/01/an-openssl-users-guide-to-drown/
如果是nginx服务器直接在nginx.conf配置文件中去掉ssl_protocols SSLv2的支持。
示例:
[root@yn_vm_dev46 public_drown_scanner]# yum install python-virtualenv
[root@yn_vm_dev46 public_drown_scanner]# virtualenv drown
New python executable in drown/bin/python
Installing Setuptools……………………………………………………………………………………………………………………………………………………………………………………………………done.
Installing Pip……………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………….done.
[root@yn_vm_dev46 public_drown_scanner]#
[root@yn_vm_dev46 public_drown_scanner]#
[root@yn_vm_dev46 public_drown_scanner]# cd drown/
[root@yn_vm_dev46 drown]# ls
bin include lib lib64
[root@yn_vm_dev46 drown]# ./bin/activate
-bash: ./bin/activate: Permission denied
[root@yn_vm_dev46 drown]# . ./bin/activate
(drown)[root@yn_vm_dev46 drown]#
(drown)[root@yn_vm_dev46 drown]#
(drown)[root@yn_vm_dev46 drown]# pip install enum pycrypto scapy pyasn1 scapy-ssl_tls
(drown)[root@yn_vm_dev46 drown]# python /root/public_drown_scanner/scanner.py www.com 443
Testing www.com on port 443
www.com: Server is vulnerable, with cipher RC2_128_CBC_EXPORT40_WITH_MD5
www.com: Server is vulnerable, with cipher RC4_128_EXPORT40_WITH_MD5
www.com: Case 7; Symmetric key did not successfully verify on server finished message
www.com: Server is NOT vulnerable with cipher RC4_128_WITH_MD5, Message: 7: no tls
www.com: Server is vulnerable, with cipher DES_64_CBC_WITH_MD5
(drown)[root@yn_vm_dev46 drown]# python /root/public_drown_scanner/scanner.py www.com 443
Testing www.com on port 443
www.com: Case 3b; Connection reset by peer when waiting for server hello
www.com: Server is NOT vulnerable with cipher RC2_128_CBC_EXPORT40_WITH_MD5, Message: 3b: no tls
www.com: Case 3b; Connection reset by peer when waiting for server hello
www.com: Server is NOT vulnerable with cipher RC4_128_EXPORT40_WITH_MD5, Message: 3b: no tls
www.com: Case 3b; Connection reset by peer when waiting for server hello
www.com: Server is NOT vulnerable with cipher RC4_128_WITH_MD5, Message: 3b: no tls
www.com: Case 3b; Connection reset by peer when waiting for server hello
www.com: Server is NOT vulnerable with cipher DES_64_CBC_WITH_MD5, Message: 3b: no tls
- OpenSSL DROWN溺亡漏洞的检测及修复方法
- Web漏洞检测及修复
- 关于近期很火的Bash漏洞的检测及修复方法
- 关于近期很火的Bash漏洞的检测及修复方法
- openssl 再爆惊天漏洞及紧急修复指南
- OpenSSL漏洞升级修复
- linux openssl漏洞修复
- IOS中UIWebView的UXSS漏洞及修复方法
- 项目中遇到的水平越权漏洞及修复方法
- SSL/TLS Suffers ‘Bar Mitzvah Attack’漏洞检测方法及修复建议
- 350万HTTPS服务器受到了DROWN漏洞的影响
- 跳转漏洞的检测和修复
- OpenSSL曝“DROWN”漏洞,沃通建议3步防攻击
- Linux glibc幽灵(GHOST)漏洞检测及修复方案
- 重新编译Nginx指导手册【修复静态编译Openssl的Nginx漏洞 】[Openssl Heartbleed]
- 升级OpenSSL修复高危漏洞Heartbleed
- 升级OpenSSL修复高危漏洞Heartbleed测试
- OpenSSL修复加密漏洞、加强Logjam防御
- Java包装类 & Java7的 compare()方法
- Android ScrollView与ListView,GridView共存冲突解决方案
- hibernate 聚合函数
- UINavgationController相关问题
- Android应用架构
- OpenSSL DROWN溺亡漏洞的检测及修复方法
- HBase之Java API
- Cocos2dx跨平台编译Android错误:format not a string literal and no format arguments [-Werror=format-security]
- 真机测试 之 Xcoder 7.0 免证书真机测试
- [LeetCode]137. Single Number II
- 分布式存储 CentOS6.5虚拟机环境搭建FastDFS-5.0.5集群
- 安卓App热补丁动态修复技术介绍
- 高德坐标系转换
- StringToBase64