ROBOT AttackDefensive Cyber Security

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

Home Forums Cyber Security Defensive Cyber Security ROBOT Attack

This topic contains 0 replies, has 1 voice, and was last updated by  Chin_Diesel 1 year, 9 months ago.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #108246

    Chin_Diesel
    Moderator

    Sorry to not do another topic about dumb shit like everyone elses NON-defensive cybersecurity posts about email conversion, but I figured you guys might be interested in something that is actually going on currently. That is the ROBOT attack, or Return Of Bleichenbacher’s Oracle Threat. This is a modification of a 19 year old vulnerability (remember kids, they tell you to pay attention to the old attacks, because they still have relevance) that makes ciphers that use RSA as the key exchange garbage.

    Initially, I thought this was REALLY going to mess up Microsoft systems that were still using TLS 1.0, because up until recently, the ONLY ciphers you could use at TLS 1.0 were either RC4 (Bar Mitzvah attack), Triple DES ciphers (SWEET32 attack), or the until now, relatively safe TLS_RSA_WITH_AES_128_SHA (or its 256 byte variant), but kiss that one goodbye as well. Luckily, a recent patch allows those nice Elliptic curve ciphers to trickle on down to the lower protocol levels, so you still have some ciphers that are safe to use, if you are dumb or unfortunate enough to still be using TLS 1.0.

    So, how do you protect yourself against this? Well, if you are running a Microsoft OS and happen to be using something that would require a SSL connection, like, an IIS server or RDP, then you will want to shut off the bad ciphers through the registry using SCHANNEL. Keep in mind that does not affect Java-based web servers, like JBOSS, Tomcat, and others like them. For those, you will have to hope that you can do an easy fix, like modifying the java.security file, otherwise, youll have to dip in to a config file somewhere in the app and find the file that sets the ciphers and protocols to use, and eliminate it there.

    Oh, and if you want to read up more on this, just go to THE OFFICIAL WEBSITE

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel