HTTPS is not always as secure as it seems. Vulnerabilities found in 5.5% of HTTPS sites

One of the top Alexa sites (central circle), protected by HTTPS, with its subdomains (grey) and dependencies (white), among which are vulnerable ones (shaded)

Today the HTTPS secure-connection icon has become a standard and even a necessary attribute of any serious site. If the certificate is missing, almost all recent browsers show a warning that the connection to the site is "not secure" and advise against sending confidential information to it.

But it turns out that the presence of a "padlock" in the address bar does not always guarantee protection. A check of the 10 leading sites from the Alexa ranking showed that many of them are exposed to critical vulnerabilities in the SSL/TLS protocols, usually through subdomains or dependencies. According to the authors of the study, the complexity of modern web applications greatly increases the attack surface.

Study results

The study was carried out by specialists from Ca' Foscari University of Venice (Italy) and the Vienna University of Technology. They will present a detailed report at the 40th IEEE Symposium on Security and Privacy, which will be held in May 40−20, 22 in San Francisco.

The top 10 HTTPS sites in the Alexa list and 000 related hosts were checked. Vulnerable cryptographic configurations were found on 90 hosts, that is, about 816% of the total:

  • 4818 vulnerable to MITM
  • 733 vulnerable to full TLS decryption
  • 912 vulnerable to partial TLS decryption

898 sites are completely open to compromise, that is, they allow injection of third-party scripts, and 977 sites load content from poorly protected pages that an attacker can interact with.

The researchers point out that the 898 "completely" compromised resources include online stores, financial services and other large sites. 660 of the 898 sites load external scripts from vulnerable hosts: this is the main source of danger. According to the authors, the complexity of modern web applications greatly increases the attack surface.

Other problems were also found: 10% of login forms have problems with the secure transmission of information, which threatens password leakage; 412 sites allow cookie interception and "session hijacking"; and 543 sites are susceptible to attacks on cookie integrity (through subdomains).
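The cookie and subdomain problems listed above can be checked from a site's response headers. This added example (not from the study or the original article) audits a constructed set of headers; the host `example.test`, the cookie names and the function names are assumptions.

```python
# Constructed response headers for a hypothetical login response (not study data).
SAMPLE_HEADERS = [
    ("Strict-Transport-Security", "max-age=15768000"),
    ("Set-Cookie", "session=abc123; Path=/; Domain=example.test; HttpOnly"),
    ("Set-Cookie", "__Host-csrf=xyz; Path=/; Secure; HttpOnly; SameSite=Strict"),
]

def parse_cookie(value):
    """Split a Set-Cookie value into (name, {lowercased attribute: value})."""
    first, *rest = [part.strip() for part in value.split(";")]
    name = first.split("=", 1)[0]
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs

def audit_headers(headers):
    """Return findings about HSTS scope and cookie exposure to subdomains."""
    findings = []
    hsts = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if not hsts:
        findings.append("hsts: header missing")
    elif "includesubdomains" not in hsts[0].lower():
        findings.append("hsts: no includeSubDomains")
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_cookie(value)
        if "secure" not in attrs:
            # Without Secure the cookie is also sent over plain HTTP.
            findings.append(f"{name}: no Secure")
        if "domain" in attrs:
            # A Domain attribute shares the cookie with every subdomain.
            findings.append(f"{name}: Domain={attrs['domain']}")
        if not name.startswith("__Host-"):
            # Without the __Host- prefix a subdomain can set a cookie of this name.
            findings.append(f"{name}: no __Host- prefix")
    return findings

if __name__ == "__main__":
    for finding in audit_headers(SAMPLE_HEADERS):
        print(finding)
```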

The problem is that in recent years many vulnerabilities have been identified in the SSL/TLS protocols and software: POODLE (CVE-2014-3566), BEAST (CVE-2011-3389), CRIME (CVE-2012-4929), BREACH (CVE-2013-3587) and Heartbleed (CVE-2014-0160). To protect against them, a number of settings are required on the server and client side to avoid using old vulnerable versions. But this is not a trivial procedure, because such settings involve choosing from an extensive set of ciphers and protocols, which are quite difficult to understand. It is not always clear which cipher suites and protocols are considered "secure enough".

Recommended settings

There is no officially approved and agreed list of recommended HTTPS settings. For example, the Mozilla SSL Configuration Generator offers several configuration options, depending on the required level of protection. Here, for instance, are the recommended settings for an nginx 1.14.0 server:

Modern mode

Oldest supported clients: Firefox 27, Chrome 30, IE 11 on Windows 7, Edge, Opera 17, Safari 9, Android 5.0, and Java 8

server {
listen 80 default_server;
listen [::]:80 default_server;

# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;


# modern configuration. tweak to your needs.
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;

# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;

# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

resolver <IP DNS resolver>;

....
}

Intermediate support

Oldest supported clients: Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7

server {
listen 80 default_server;
listen [::]:80 default_server;

# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /path/to/dhparam.pem;

# intermediate configuration. tweak to your needs.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;

# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;

# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

resolver <IP DNS resolver>;

....
}

Old support

Oldest supported clients: Windows XP IE6, Java 6

server {
listen 80 default_server;
listen [::]:80 default_server;

# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /path/to/dhparam.pem;

# old configuration. tweak to your needs.
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP';
ssl_prefer_server_ciphers on;

# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;

# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

resolver <IP DNS resolver>;

....
}

It is recommended to always use the full cipher suite and the latest version of OpenSSL. The cipher list in the server settings specifies the priority in which the ciphers will be used, depending on the client's settings.
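An added example (not from the article or from Mozilla's generator): a small Python audit of the `ssl_protocols` and `ssl_ciphers` directives, run over shortened, constructed copies of the "modern" and "old" profiles above. The classification rules and the names `audit` and `directive` are simplifying assumptions, not an authoritative cipher rating.

```python
import re

# Constructed inputs: shortened copies of the "modern" and "old" profiles.
MODERN = """
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256';
"""
OLD = """
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA:DES-CBC3-SHA:AES128-SHA:HIGH:!aNULL:!RC4';
"""

# SSLv3 is the protocol targeted by POODLE (CVE-2014-3566).
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
AEAD = re.compile(r"GCM|CHACHA20|CCM")

def directive(conf, name):
    """Return the argument of the first `name ...;` directive, or None."""
    m = re.search(r"^\s*%s\s+([^;]+);" % re.escape(name), conf, re.M)
    return m.group(1).strip().strip("'\"") if m else None

def audit(conf):
    """Return (kind, token) findings for the TLS directives in `conf`."""
    findings = [("legacy-protocol", p)
                for p in (directive(conf, "ssl_protocols") or "").split()
                if p in LEGACY_PROTOCOLS]
    for c in (directive(conf, "ssl_ciphers") or "").split(":"):
        if not c or c[0] in "!-":          # exclusions remove suites, skip them
            continue
        if "DES-CBC3" in c:
            kind = "3des"
        elif "-" not in c or "+" in c:     # group alias, expands to many suites
            kind = "alias"
        elif not c.startswith(("ECDHE-", "DHE-", "EDH-")):
            kind = "no-forward-secrecy"    # static RSA key exchange
        elif not AEAD.search(c):
            kind = "cbc"                   # CBC mode with HMAC, not AEAD
        else:
            continue
        findings.append((kind, c))
    return findings

if __name__ == "__main__":
    for label, conf in (("modern", MODERN), ("old", OLD)):
        print(label, audit(conf))
```

Alias tokens such as `HIGH` need expanding with `openssl ciphers -v` on the target host before they can be judged.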

The study shows that simply installing an HTTPS certificate is not enough. "Although we do not handle cookies the way we did in 2005, and 'decent TLS' has become commonplace, it turns out that these basic things are not enough to secure a surprisingly large number of very popular sites," say the authors of the work. To reliably protect the channel between server and client, you need to carefully monitor the infrastructure of your own subdomains and of the third-party hosts from which the site's content is served. It may make sense to order an audit from a third-party company that specializes in information security.


Source: www.habr.com