HTTPS is not always as secure as it seems. Vulnerabilities found in 5.5% of HTTPS sites

One of the top Alexa sites (central circle), protected by HTTPS, with its subdomains (grey) and dependencies (white), some of which are vulnerable (shaded)

Nowadays the HTTPS secure-connection icon has become a standard and even required attribute of any serious website. If the certificate is missing, almost all recent browsers show a warning that the connection to the site is "not secure" and recommend against sending confidential information to it.

But it turns out that the presence of a "lock" in the address bar does not always guarantee protection. A check of the top 10 sites from the Alexa ranking showed that many of them are exposed to critical SSL/TLS protocol vulnerabilities, usually through subdomains or dependencies. According to the study's authors, the complexity of modern web applications greatly increases the attack surface.

Research results

The study was carried out by specialists from Ca' Foscari University of Venice (Italy) and the Vienna University of Technology. They will present a detailed report at the 40th IEEE Symposium on Security and Privacy, to be held on May 20-22, 2019 in San Francisco.

The top 10 HTTPS sites on the Alexa list and 000 associated hosts were checked. Vulnerable cryptographic configurations were identified on 90 hosts, that is, about 816% of the total:

  • 4818 vulnerable to MITM
  • 733 vulnerable to full TLS decryption
  • 912 vulnerable to partial TLS decryption

898 sites are completely open to hacking, that is, they allow the injection of third-party scripts, and 977 sites load content from weakly protected pages that an attacker can interact with.

The researchers emphasize that the 898 "fully compromised" resources include online stores, financial services and other large sites. 660 of the 898 sites load external scripts from vulnerable hosts: this is the main source of danger. According to the authors, the complexity of modern web applications greatly increases the attack surface.

Other problems were also found: 10% of login forms have problems with the secure transmission of information, which threatens password leakage; 412 sites allow cookie interception and session hijacking; and 543 sites are susceptible to attacks on cookie integrity (via subdomains).

The problem is that in recent years a number of vulnerabilities have been identified in the SSL/TLS protocols and software: POODLE (CVE-2014-3566), BEAST (CVE-2011-3389), CRIME (CVE-2012-4929), BREACH (CVE-2013-3587) and Heartbleed (CVE-2014-0160). Protecting against them requires a number of settings on both the server and the client side to avoid the use of old vulnerable versions. But this is a rather non-trivial procedure, because such settings involve choosing from an extensive set of ciphers and protocols, which are rather hard to understand. It is not always clear which cipher suites and protocols are considered "secure enough".

Recommended settings

There is no officially approved and agreed-upon list of recommended HTTPS settings. So the Mozilla SSL Configuration Generator offers several configuration options, depending on the required level of protection. For example, here are the recommended settings for an nginx 1.14.0 server:

Modern mode

Oldest supported clients: Firefox 27, Chrome 30, IE 11 on Windows 7, Edge, Opera 17, Safari 9, Android 5.0, and Java 8

server {
listen 80 default_server;
listen [::]:80 default_server;

# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;


# modern configuration. tweak to your needs.
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;

# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;

# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

resolver <IP DNS resolver>;

....
}

Intermediate support

Oldest supported clients: Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7

server {
listen 80 default_server;
listen [::]:80 default_server;

# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /path/to/dhparam.pem;

# intermediate configuration. tweak to your needs.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;

# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;

# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

resolver <IP DNS resolver>;

....
}

Old support

Oldest supported clients: Windows XP IE6, Java 6

server {
listen 80 default_server;
listen [::]:80 default_server;

# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;

# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;

# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /path/to/dhparam.pem;

# old configuration. tweak to your needs.
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP';
ssl_prefer_server_ciphers on;

# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;

# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

resolver <IP DNS resolver>;

....
}

It is recommended to always use the full cipher suite and the latest version of OpenSSL. The set of ciphers in the server settings indicates the priority in which they will be used, depending on the client's settings.
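An added example (not part of the original article or of Mozilla's generator): a small Python check that reads the ssl_protocols, ssl_ciphers and add_header lines of an nginx config like the ones above and reports settings tied to the issues this article names. The sample config, the finding names and the cipher-name heuristics are assumptions made for the illustration.

```python
import re

# Constructed sample: the page's "old" profile with the cipher list shortened.
OLD_PROFILE = """
server {
    listen 443 ssl http2;
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL';
    add_header Strict-Transport-Security max-age=15768000;
}
"""

DIRECTIVE = re.compile(r"^[ \t]*([a-z_]+)[ \t]+(.+?);[ \t]*$", re.M)

def directives(conf):
    """Map directive name -> list of raw values (outer quotes stripped)."""
    found = {}
    for name, value in DIRECTIVE.findall(conf):
        found.setdefault(name, []).append(value.strip("'\""))
    return found

def audit(conf):
    """Return finding codes (hypothetical names) for one nginx config text."""
    d = directives(conf)
    protocols = " ".join(d.get("ssl_protocols", [])).split()
    # Keep concrete OpenSSL suite names; skip keywords (HIGH) and exclusions (!aNULL).
    suites = [c for v in d.get("ssl_ciphers", []) for c in v.split(":")
              if "-" in c and not c.startswith("!") and "+" not in c]
    # Heuristic for the suite names on this page: not GCM and not ChaCha20 means CBC.
    cbc = [c for c in suites if "GCM" not in c and "CHACHA20" not in c]
    findings = []
    if "SSLv3" in protocols:
        findings.append("sslv3-enabled")              # POODLE, CVE-2014-3566
    if "TLSv1" in protocols and cbc:
        findings.append("tls10-with-cbc")             # BEAST, CVE-2011-3389
    if any("DES-CBC3" in c for c in suites):
        findings.append("3des-offered")
    if any(not c.startswith(("ECDHE-", "DHE-", "EDH-")) for c in suites):
        findings.append("no-forward-secrecy-suites")  # static RSA key exchange
    hsts = [v for v in d.get("add_header", [])
            if v.lower().startswith("strict-transport-security")]
    if not hsts:
        findings.append("hsts-missing")
    elif not any("includesubdomains" in v.lower() for v in hsts):
        findings.append("hsts-skips-subdomains")      # subdomains stay outside the policy
    return findings

if __name__ == "__main__":
    print(audit(OLD_PROFILE))
```

The check only reads configuration text; issues that depend on the OpenSSL build, such as Heartbleed, need a version check on the host itself.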

The research shows that simply installing an HTTPS certificate is not enough. "While we don't handle cookies the way we did in 2005, and 'decent TLS' has become commonplace, it turns out that these basic things are not enough to secure a surprisingly large number of very popular sites," say the authors of the paper. To reliably protect the channel between the server and the client, you need to carefully monitor the infrastructure of your own subdomains and the third-party hosts from which content is delivered to the site. It may make sense to commission an audit from a third-party company that specializes in information security.
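An added example (not from the original article or the study): a Python inventory of the hosts that serve script to a page, which is the list of subdomains and third-party hosts whose TLS setup has to be checked together with the site's own. The page URL, the HTML, the host names and the issue labels are constructed for the illustration; the Subresource Integrity check is an extra control the article does not mention.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample page; every host name here is a placeholder.
PAGE_URL = "https://shop.example/"
PAGE_HTML = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.example.net/lib.js"
        integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="//stats.example.org/t.js"></script>
<script src="http://img.shop.example/legacy.js"></script>
</head><body></body></html>
"""

class ScriptCollector(HTMLParser):
    """Collect (absolute URL, has integrity attribute) for each <script src>."""
    def __init__(self, base):
        super().__init__()
        self.base, self.scripts = base, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script" and a.get("src"):
            url = urljoin(self.base, a["src"])  # resolves relative and //host forms
            self.scripts.append((url, bool(a.get("integrity"))))

def script_dependencies(page_url, html):
    """Return {host: set of issue labels} for every host serving script to the page."""
    page_host = urlsplit(page_url).hostname
    collector = ScriptCollector(page_url)
    collector.feed(html)
    report = {}
    for url, has_sri in collector.scripts:
        parts = urlsplit(url)
        issues = report.setdefault(parts.hostname, set())
        if parts.scheme != "https":
            issues.add("plain-http")   # script can be replaced in transit
        if parts.hostname != page_host and not has_sri:
            issues.add("no-sri")       # page trusts whatever that host returns
    return report

if __name__ == "__main__":
    for host, issues in script_dependencies(PAGE_URL, PAGE_HTML).items():
        print(host, sorted(issues))
```

Every key of the returned dictionary is a host to include in TLS scanning, whether or not it carries an issue label.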


Source: www.habr.com