Questions tagged [beast]

BEAST is an attack against SSL/TLS versions up to TLS 1.0.

38 questions
5
votes
1 answer

IIS 6.0 - mitigating BEAST

Recently, my PCI assessor informed me that my servers are vulnerable to BEAST and failed me. I did my homework and I want to change our webservers to prefer RC4 ciphers over CBC. I followed every guide I could find... I changed my reg keys for my…
D3l_Gato
4
votes
5 answers

Should I ignore the BEAST SSL exploit and continue to prefer AES?

Because of the BEAST exploit it seems everyone is saying you should stop using AES and instead use RC4. I am wondering if it wouldn't be better to continue using AES instead for the following reasons: To exploit BEAST the attacker has to get the…
Sarel Botha
4
votes
1 answer

Do the BEAST and CRIME attacks apply to an IMAP service?

While setting up the Dovecot IMAP service, I noticed that the default parameters are not optimal; it allows SSLv3, for example. Using Thomas Pornin's TestSSLServer.java program, I saw the following: ... Minimal encryption strength: strong…
Lekensteyn
4
votes
3 answers

BEAST: IIS6: Failing PCI scan - are these ciphers OK?

Our PCI compliance scanner, TrustWave, have failed our Win 2003/IIS6 site on BEAST because of the following cyphers: Cipher Suite: SSLv3 : DES-CBC3-SHA Cipher Suite: SSLv3 : RC4-SHA Cipher Suite: SSLv3 : RC4-MD5 Cipher Suite: TLSv1 :…
GlennG
4
votes
2 answers

Next Microsoft Patch Tuesday include BEAST SSL fix

http://thehackernews.com/2012/01/next-microsoft-patch-tuesday-include.html I thought the vulnerability that BEAST uses is already fixed on "Microsoft" side, no? Can someone please clarify this?: https://security.stackexchange.com/a/9952/2212 The…
LanceBaynes
3
votes
1 answer

Is RDP susceptible to the BEAST attack?

I have Windows 2008 R2 servers which are failing a PCI vulnerability scan because they have RDP enabled (needs to be disabled). I have applied the PCI settings of IISCrypto tool, but I have to leave TLS 1.0 enabled in order not to break RDP. The…
Jim Balo
3
votes
2 answers

how to experiment with BEAST attacks

from basic research my understanding is: it is vulnerable in TLS 1.0 in SSL 3 Attacker can inject javascript and pass some known text to some server where attacker will get the encrypted version of known plain text and this is how the encryption…
jmj
3
votes
2 answers

BEAST mitigation on a Cisco ACE 4710 load balancer

We are looking to mitigate BEAST (and similar) on our Cisco ACE appliance (running version A4(2.0)), which is the 'endpoint' for a handful of load-balanced services. Some of these services still run with SHA1-signed certificates (although we are…
jimbobmcgee
2
votes
1 answer

BEAST some misunderstandings

I was reading the Here Come The ⊕ Ninjas document about the BEAST attack discovered by Thai Duong & Juliano Rizzo. There are two points I cannot understand. At the section 5 - Application: Decrypting HTTPS Requests, they explain step by step to…
mpgn
2
votes
3 answers

Does it make sense to keep RC4?

I know that the RC4 cipher when used with SSL is vulnerable to certain attacks, which in the worst case scenario could result in authentication tokens being stolen. But RC4 is also recommended as a cipher to mitigate the BEAST attack. Is it a better…
Sonny Ordell
2
votes
1 answer

"Must have" and "Preferred Cipher" suites terminology

I have received the following advice to set cipher suites to suitably mitigate the BEAST attack on a newly set up Apache HTTPD server. Preferred ciphers: RC4-SHA, RC4-MD5 Must Have Ciphers: AES256-SHA, AES128-SHA, DES-CBC3-SHA, RC4-SHA,…
John
2
votes
1 answer

OpenSSL: Enable cipher suites per protocol version

Is there a way to explicitly configure OpenSSL to allow AES (or in general, block ciphers) only for clients that use a TLS version >= 1.1? This would protect against the BEAST attack, while still allowing the use of ciphers more secure than the…
lxgr
2
votes
1 answer

Detecting POODLE and BEAST using nmap

Need your expert advice for the following - POODLE - We can deduce if a server is vulnerable to poodle if it supports sslv3 protocol and uses CBC Ciphers. BEAST - Any server supporting sslv3 OR TLS 1.0 and uses CBC Ciphers. Is my understanding…
Ouney
1
vote
3 answers

CRIME attack - If Javascript can be injected on the attacked machine, why not directly sending the cookie to a remote server?

I read about the CRIME - How to beat the BEAST successor? question and answer, but I don't understand that: If Javascript can be injected and run on the attacked machine, why not directly sending the secret cookie as an AJAX request to a remote…
user86334
1
vote
0 answers

How to explain BEAST attack to non-tech people

I'm looking for the best way to describe the Browser Exploit Against SSL/TLS (BEAST) attack to non-technical people, without being too general. So I am not looking for: "did you ever notice the lock in your browsing ensuring it is a secure…
aentgood