heartbleed_infographic


Upload: armvherisec

Post on 08-Jan-2016


TRANSCRIPT

http://slidepdf.com/reader/full/heartbleedinfographic

[Diagram] HEARTBLEED ATTACK: the ATTACKER extracts SENSITIVE DATA FROM THE WEB SERVER’S MEMORY. The WEB SERVER runs VULNERABLE OPENSSL (1.0.1-1.0.1f). "YOU ARE HERE" marks the reader on the diagram.

COMMUNICATIONS OVER TLS (what the vulnerable server is protecting):
  INTERNET BANKING
  ONLINE SHOPPING ($)
  SOCIAL NETWORKS
  PERSONAL, CORP EMAIL
  WELFARE, TAX, HEALTH
  FINANCE, STOCK TRADE

HOW TLS (TRANSPORT LAYER SECURITY) WORKS

  CLIENT                                              SERVER
  1. Secure Session Request                 -->
                                            <--       2. Send Certificate
  3. Check Certificate
  4. Get Public Key
  5. Generate Session Key
  6. Encrypt it with the Server’s Public Key -->
                                                      7. Decrypt Session Key with the Server’s Private Key
  8. Secure Communications with the Session Key (both directions)

  The flow drawn here is the RSA key-exchange handshake, which most servers still used in 2014. Every session key is protected by the same server private key, so an attacker who obtains that key (see the exploit below) can decrypt recorded sessions after the fact. With (EC)DHE cipher suites the private key only signs the handshake: a leaked key still allows impersonation of the server, but not decryption of past traffic.

HOW THE HEARTBEAT EXTENSION FOR TLS WORKS

  CLIENT                                                          SERVER
  1. Send Heartbeat Request Message (to make sure the peer is alive),
     carrying a PAYLOAD and a field stating the payload’s length  -->
                                                                  2. Extract payload & put it into the
                                                            <--      HEARTBEAT RESPONSE MESSAGE
  3. Make sure the received payload is the same as the one sent

HOW THE HEARTBLEED EXPLOIT WORKS

  CLIENT (attacker)                                                SERVER
  1. Malformed Heartbeat: small payload disguised as a big one
     (the length field claims far more bytes than were sent)  -->
                                                                   2. Extract payload & put it into Response Message.
                                                                      The payload is expected to be big, so the
                                                                      ‘bucket’ gets other data too: whatever happens
                                                                      to sit next to the request in the server’s
                                                                      MEMORY is copied into the response
                                                            <--    RECEIVED HEARTBEAT RESPONSE

  MEMORY DATA that can come back this way (the 16-bit length field allows up to 64 KB per request, and the request can be repeated indefinitely):
    TLS/SSL Private Keys
    Authentication Cookies
    Passwords/Credentials
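The two exchanges above, as an added example that is not part of the BAE Systems infographic or of OpenSSL’s own source: a C model of the server-side heartbeat handler, with the 1.0.1-1.0.1f logic beside the bounds check that 1.0.1g introduced. The 256-byte arena, the simulate() harness and the cookie string are constructed stand-ins for the server’s memory; the two handler bodies are shaped after OpenSSL’s tls1_process_heartbeat() but are a reconstruction, not its code.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Heartbeat message layout from RFC 6520: type(1) | payload_length(2, big-endian)
 * | payload | padding(>=16). The outer TLS record header (content type 24 =
 * heartbeat) is already stripped; rec/rec_len below is the record body. */
#define TLS1_HB_REQUEST  1
#define TLS1_HB_RESPONSE 2
#define HB_PADDING       16
#define HB_MAX_PAYLOAD   65535           /* 16-bit length field */
#define ARENA_SIZE       256

/* Stand-in for the server's heap (constructed): the request is copied to the
 * front and leftover data from an earlier connection sits right behind it. */
static unsigned char arena[ARENA_SIZE];
static const char SECRET[] = "session_cookie=SID=4f3a9c2e";   /* constructed sample */

typedef int (*hb_handler)(const unsigned char *rec, size_t rec_len,
                          unsigned char *resp, size_t *resp_len);

/* OpenSSL's n2s / s2n: 16-bit big-endian read and write. */
static uint16_t n2s(const unsigned char *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void s2n(uint16_t v, unsigned char *p) { p[0] = (unsigned char)(v >> 8); p[1] = (unsigned char)v; }

/* Build a heartbeat request whose length field says claimed_len but which
 * really carries actual_len bytes. Returns the number of bytes on the wire. */
size_t build_heartbeat(unsigned char *out, uint16_t claimed_len,
                       const unsigned char *actual, size_t actual_len)
{
    out[0] = TLS1_HB_REQUEST;
    s2n(claimed_len, out + 1);
    memcpy(out + 3, actual, actual_len);
    memset(out + 3 + actual_len, 0, HB_PADDING);   /* padding (random in real TLS) */
    return 3 + actual_len + HB_PADDING;
}

/* Vulnerable handler (1.0.1-1.0.1f shape): the length field is trusted and
 * rec_len is never compared against it. */
int process_heartbeat_vulnerable(const unsigned char *rec, size_t rec_len,
                                 unsigned char *resp, size_t *resp_len)
{
    const unsigned char *p = rec;
    unsigned char hbtype = *p++;
    uint16_t payload = n2s(p);          /* attacker-controlled */
    const unsigned char *pl = p + 2;    /* where the real payload starts */
    (void)rec_len;                      /* the bug: never checked */
    if (hbtype != TLS1_HB_REQUEST) return -1;
    resp[0] = TLS1_HB_RESPONSE;
    s2n(payload, resp + 1);
    memcpy(resp + 3, pl, payload);      /* reads past the request if payload > bytes sent */
    memset(resp + 3 + payload, 0, HB_PADDING);
    *resp_len = 3 + (size_t)payload + HB_PADDING;
    return 0;
}

/* Fixed handler (1.0.1g shape): header + claimed payload + padding must fit in
 * the bytes actually received, otherwise the record is silently discarded. */
int process_heartbeat_fixed(const unsigned char *rec, size_t rec_len,
                            unsigned char *resp, size_t *resp_len)
{
    if (rec_len < 1 + 2 + HB_PADDING) return -1;
    const unsigned char *p = rec;
    unsigned char hbtype = *p++;
    uint16_t payload = n2s(p);
    const unsigned char *pl = p + 2;
    if (1 + 2 + (size_t)payload + HB_PADDING > rec_len) return -1;   /* length field lies */
    if (hbtype != TLS1_HB_REQUEST) return -1;
    resp[0] = TLS1_HB_RESPONSE;
    s2n(payload, resp + 1);
    memcpy(resp + 3, pl, payload);
    memset(resp + 3 + payload, 0, HB_PADDING);
    *resp_len = 3 + (size_t)payload + HB_PADDING;
    return 0;
}

/* Send a 4-byte "ping" that claims 'claimed' bytes, with SECRET lying just behind
 * it in the arena. Returns 1 if SECRET came back in the response, 0 if the
 * response was clean, -1 if the handler discarded the record, -2 if the claim
 * would read outside the arena (kept out so the demo stays well defined). */
int simulate(hb_handler handler, uint16_t claimed)
{
    static unsigned char resp[3 + HB_MAX_PAYLOAD + HB_PADDING];
    const unsigned char ping[4] = { 'p', 'i', 'n', 'g' };
    size_t resp_len = 0;
    if (3 + (size_t)claimed > ARENA_SIZE) return -2;
    memset(arena, 0, sizeof arena);
    size_t rec_len = build_heartbeat(arena, claimed, ping, sizeof ping);
    memcpy(arena + rec_len, SECRET, sizeof SECRET);
    if (handler(arena, rec_len, resp, &resp_len) != 0) return -1;
    for (size_t i = 0; i + (sizeof SECRET - 1) <= resp_len; i++)
        if (memcmp(resp + i, SECRET, sizeof SECRET - 1) == 0) return 1;
    return 0;
}

int main(void)
{
    printf("vulnerable, claimed 64: %d (1 = secret leaked)\n", simulate(process_heartbeat_vulnerable, 64));
    printf("fixed, claimed 64:      %d (-1 = record discarded)\n", simulate(process_heartbeat_fixed, 64));
    printf("fixed, honest 4:        %d (0 = clean response)\n", simulate(process_heartbeat_fixed, 4));
    return 0;
}
```

The honest request and the malformed one are byte-for-byte identical except for the two-byte length field, which is why the fix is a single comparison against the record length and why an IDS signature keys on that same mismatch.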

HEARTBLEED - THE OPENSSL HEARTBEAT EXPLOIT

RECOMMENDATIONS FOR SERVER ADMINISTRATORS

  1. Check & upgrade OpenSSL (the fix shipped in 1.0.1g; every 1.0.1 release before it is vulnerable unless built without heartbeat support)
  2. Change passwords & keys (only after the upgrade, or the new secrets can be read out the same way)
  3. Apply IDS signatures (the tell is a heartbeat record whose length field exceeds the record actually received)
  4. Buy a new TLS certificate & key pair, and revoke the old certificate: the old private key must be assumed stolen

VULNERABLE OPENSSL CLIENTS ARE ALSO SUSCEPTIBLE TO ATTACK FROM COMPROMISED SERVERS
(users’ browsers and internal clients, e.g. a service talking to its DB). Heartbeat requests can be sent by either peer, so a malicious server can read a vulnerable client’s memory in exactly the same way.

NUMBER OF VULNERABLE WEBSITES AMONG TOP 10,000

  Time (UTC)                  Vulnerable sites   Elapsed since previous count
  8 April 2014, 4:00 PM       628
  9 April 2014, 7:30 AM       301                15.5 hours
  10 April 2014, 12:30 AM     180                17 hours

Copyright © 2014 BAE Systems. All Rights reserved. BAE SYSTEMS, the BAE SYSTEMS Logo and the product names referenced herein are trade marks of BAE Systems plc. Other company names, trade marks or products referenced herein are the property of their respective owners and are used only to describe such companies, trade marks or products.

BAE Systems Applied Intelligence Limited is registered in England & Wales under company number 01337451 and has its registered office at Surrey Research Park, Guildford, England, GU2 7RQ.

E: [email protected]
E: [email protected]
W: www.baesystems.com/ai