SSL Stripping

EpicGlobalWeb

Well-known member
Registered
Joined
Jan 24, 2016
Messages
180
Points
0
I've seen demos on devices like the WiFi Pineapple where SSL can be "stripped" and the security would then be about the same as regular http. This is a problem and I'd like to know if there are defenses against it. MITM attacks like this seem to be hard to detect. Also, does the level of encryption matter or add any later of protection against SSL stripping? For instance, 256 bit vs 128, etc.
 

VirtuBox

Well-known member
Registered
Joined
May 3, 2016
Messages
1,622
Points
83
The easier is to use HSTS (HTTP Strict Transport Security).

HSTS tells the browser to only communicate with the server via HTTPS. The browser remembers the HSTS header from the server from the first time it was seen. When the user visits the site again, the browser enforces that all communication is done via HTTPS.
Source : https://avicoder.me/2016/02/22/SSLstrip-for-newbies/
 

RDO Servers

Well-known member
Registered
Joined
Apr 3, 2015
Messages
1,027
Points
83
For SSL Stripping to work, you have to first connect to the remote server via http. If you are careful to go straight to the https version of sites, this will help a lot.
Also be sure to watch your address bar and make sure you stay on https.

HTTPEverwhere installed on your machine will (should) force you to connect via https only.

Using a VPN service can also help greatly to prevent MITM attacks.
 

EpicGlobalWeb

Well-known member
Registered
Joined
Jan 24, 2016
Messages
180
Points
0
Right, because the attack in this case appears to happen at the time of connect before the data gets encrypted without actually breaking any encryption.
 

RDO Servers

Well-known member
Registered
Joined
Apr 3, 2015
Messages
1,027
Points
83

EpicGlobalWeb

Well-known member
Registered
Joined
Jan 24, 2016
Messages
180
Points
0
Wikipedia says the initial request with HSTS is still initially unprotected. I'm trying to wrap my head around the benefit then because so is https. Here is the source: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

I see what you're saying about the benefits. Maybe the solution is actually in some kind of packet sniffing like WireShark to find out what's unusual?
 
Older Threads
Replies
16
Views
11,279
Replies
12
Views
4,392

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top