|
- What is Logjam and how do I prevent it? - Information Security Stack . . .
I heard there is a "new" TLS vulnerability named Logjam, what does it do and how do I prevent it?
- How to check if a server is not vulnerable to Logjam?
In response to Logjam I want to prove I've hardened my services I know that the DH param has to be 2048 bits at least and self generated But I am unable to find a way to actually check this for something other than an HTTPS site (thats I can do here) I would like to check my other SSL protected services for this as well: Mail (Postfix and
- Command to check a website is vulnerable to Logjam
Actually the main purpose is, the website I support is being reported having vulnerable to Logjam, I first time see this word, thus I just google around and find something to fix However, I cant test my solution in production environment I need to verify in SIT first, but SIT ip is not open to public, its in internal network
- How can a RSA-2048 certificate be vulnerable to logjam attack?
Most likely I am missing some fundamentals: Our web servers are secured with TLS encryption We use RSA-2048 bit certificates The logjam attack targets the DH algorithm How can our web servers be
- Logjam definition question - Information Security Stack Exchange
In Logjam attack, the client presents a list of cipher suites (includes some strong cipher and EXPORT cipher as well) A Man-in-the-Middle attack will change this request such that highest grade cipher in the request becomes the EXPORT grade cipher
- Diffie-Hellman Key Exchange in plain English
Diffie-Hellman is a way of generating a shared secret between two people in such a way that the secret can't be seen by observing the communication That's an important distinction: You're not sharing information during the key exchange, you're creating a key together This is particularly useful because you can use this technique to create an encryption key with someone, and then start
- What are the OpenSSL standard Diffie-Hellman parameters (primes)?
I recently generated some custom Diffie-Hellman parameters which are basically just long (in the below case 4096 bit) primes Those are then used in the key exchange process I used the following c
- diffie hellman - Cipher suites vulnerable to logjam - Information . . .
For more info see my answers to these questions: Securing Chrome against Logjam on Windows and How to Check if a server is not vulnerable to logjam?
|
|
|