LxCenter HyperVM & Kloxo Support

New DoS Tool Kills SSL Servers With Just One PC [message #90444] Fri, 28 October 2011 12:32
SteALth  Romania
Messages: 40
Registered: February 2010
Location: Romania
Member
Published by German hacker group The Hacker's Choice, the THC-SSL-DOS is designed to highlight weaknesses in SSL and force "the industry" to make SSL more secure.

"We decided to make the official release after realizing that this tool leaked to the public a couple of months ago" the group wrote in a blog post. "We are hoping that the fishy security in SSL does not go unnoticed. The industry should step in to fix the problem so that citizens are safe and secure again. SSL is using an aging method of protecting private data which is complex, unnecessary and not fit for the 21st century."

According to the group, a notebook and a DSL connection is enough to kill a simple SSL server. Larger server farms required 20 notebooks and traffic of about 120 Kbps. The basic feature of THC-SSL-DOS is that it demands renegotiations of encryption keys, which creates up to 1000 parallel connections between the client and the server. As a result, any SSL server is vulnerable to this tool - not just web servers, but email servers as well.

The software is available as a free download for Windows and Unix. Before you download it and use it, keep in mind that using the software will most likely be considered a criminal act.

Source article:
http://www.tomshardware.co.uk/security-attack-DOS-SSL-server-email,news-36844.html

THC SSL-DOS site:
http://www.thc.org/thc-ssl-dos/
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91097 is a reply to message #90444] Wed, 16 November 2011 11:34
uzer  Philippines
Messages: 7
Registered: November 2011
Location: Manila, Philippines
Member

thanks for the share
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91184 is a reply to message #91097] Fri, 18 November 2011 08:39
thunder11
Messages: 395
Registered: September 2010
Location: Serbia
Master
Yes, they are a good bunch of people. I found out about them a long time ago while searching for a good security scanner (thc hydra) and was impressed by what I could do with basic knowledge about Linux. Anyhow, thanks for the link. Will try it against my server ;) (when I figure out exactly what it does)
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91498 is a reply to message #91184] Thu, 24 November 2011 00:04
Anik
Messages: 496
Registered: July 2011
Location: India
Master
Is it about breaking the encryption and then hacking an a/c?

10GB Free Cloud Hostings Join | Free SEO Info For your Site Gangoos SEO | If I'm unavailable, contact me Here | Our Blog - Powered by you and me Smile | DownloadHutZ - Download Free Softwares
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91510 is a reply to message #91498] Thu, 24 November 2011 06:56
thunder11
Messages: 395
Registered: September 2010
Location: Serbia
Master
How do you mean?
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91520 is a reply to message #91510] Thu, 24 November 2011 10:01
Anik
Messages: 496
Registered: July 2011
Location: India
Master
About hacking someone's account which is protected by SSL encryption.
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91592 is a reply to message #91520] Fri, 25 November 2011 10:22
shazar  United States
Messages: 1856
Registered: May 2011
Grandmaster
LxCenter Core Team Member
LxCenter Representative
Anik - I don't think that is what this tool is about though. This tool does a DoS attack on any server offering an SSL connection. That attack would bog the server down or kill the service altogether.

https://www.mercuryvps.com
HyperVM Xen VPS hosting
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91691 is a reply to message #91592] Mon, 28 November 2011 13:01
Anik
Messages: 496
Registered: July 2011
Location: India
Master
But shazar, is a different DoS tool needed to attack a server which is using an SSL connection? Why?
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91692 is a reply to message #91691] Mon, 28 November 2011 13:03
shazar  United States
Messages: 1856
Registered: May 2011
Grandmaster
LxCenter Core Team Member
LxCenter Representative
I don't understand your question.
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91693 is a reply to message #91691] Mon, 28 November 2011 13:07
Anik
Messages: 496
Registered: July 2011
Location: India
Master
Also, how to prevent it? By blocking the IPs which are causing the attack?
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91694 is a reply to message #91693] Mon, 28 November 2011 13:13
Anik
Messages: 496
Registered: July 2011
Location: India
Master
A normal DoS attack tool can't work for an SSL-protected site?
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91697 is a reply to message #91694] Mon, 28 November 2011 14:27
shazar  United States
Messages: 1856
Registered: May 2011
Grandmaster
LxCenter Core Team Member
LxCenter Representative
I still don't completely get what you are saying about a normal tool, but I imagine you could carefully craft an iptables rule to block an IP for X seconds if X connection attempts are made in X seconds. KeepAlive may interfere with that. Sorry I really don't know too much about that, just making an attempt to answer.

https://www.mercuryvps.com
HyperVM Xen VPS hosting
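
Added example, not part of any post in this thread: a small Python model of the rule suggested above ("block an IP for X seconds if X connection attempts are made in X seconds"), run over constructed connection events. It also counts TLS handshakes per connection, because renegotiations happen inside an already established connection and are never seen by a rule that only counts new connections. The event format, the thresholds and the function name `analyse` are assumptions made for the illustration.

```python
from collections import defaultdict, deque

# Constructed sample events: (second, source IP, connection id, event).
# "connect" is a new TCP connection to the TLS port; "handshake" is one TLS
# handshake on that connection (the initial one or a renegotiation).
EVENTS = (
    [(t, "198.51.100.7", f"a{t}", "connect") for t in range(5)]
    + [(0, "203.0.113.9", "b1", "connect")]
    + [(t, "203.0.113.9", "b1", "handshake") for t in range(6)]
    + [(5, "192.0.2.10", "c1", "connect"), (5, "192.0.2.10", "c1", "handshake"),
       (20, "192.0.2.10", "c2", "connect"), (20, "192.0.2.10", "c2", "handshake")]
)

def analyse(events, max_conns=3, window=10, block_for=60, max_handshakes=2):
    """Return (blocked_until, renegotiation_heavy).

    blocked_until: {ip: second the block ends}, set when an IP opens more than
    max_conns connections within `window` seconds (all thresholds are assumed).
    renegotiation_heavy: sorted (ip, conn) pairs with more than max_handshakes
    handshakes on a single accepted connection.
    """
    recent = defaultdict(deque)      # ip -> times of recent connection attempts
    blocked_until = {}
    accepted = set()                 # (ip, conn) pairs that got through
    handshakes = defaultdict(int)    # (ip, conn) -> handshake count
    for ts, ip, conn, kind in sorted(events):
        if kind == "connect":
            if blocked_until.get(ip, 0) > ts:
                continue             # source is still blocked: drop
            q = recent[ip]
            q.append(ts)
            while q[0] <= ts - window:
                q.popleft()          # forget attempts outside the window
            if len(q) > max_conns:
                blocked_until[ip] = ts + block_for
                continue             # the attempt that trips the limit is dropped
            accepted.add((ip, conn))
        elif kind == "handshake" and (ip, conn) in accepted:
            handshakes[(ip, conn)] += 1
    heavy = sorted(k for k, n in handshakes.items() if n > max_handshakes)
    return blocked_until, heavy

if __name__ == "__main__":
    blocked, heavy = analyse(EVENTS)
    print("blocked until:", blocked)
    print("renegotiation-heavy connections:", heavy)
```

In the sample, the source that opens many connections is blocked by the connection-rate rule, while the source that repeats handshakes on one connection is only caught by the per-connection handshake count.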
Re: New DoS Tool Kills SSL Servers With Just One PC [message #91698 is a reply to message #91697] Mon, 28 November 2011 15:11
Anik
Messages: 496
Registered: July 2011
Location: India
Master
Normal sites means those which have no SSL support.