Question

Please, I need a unique answer. Use your own words (don't copy and paste).

*Please, don't use handwriting.

Man-in-the-middle attack

Consider the following statement:

The secure socket layer (SSL) protocol allows for secure communication between a client and a server. There are known flaws in the SSLv2 protocol. A man-in-the-middle attacker can force the communication to a less secure level and then attempt to break the encryption. The attacker can also truncate encrypted messages. These flaws have been fixed in SSLv3 (TLSv1). Most servers and clients support both SSLv2 and SSLv3. However, SSLv2 is enabled by default for backward compatibility.

Answer the following questions:

a) Find out the impact in the above statement.

b) What is the solution?

c) Do you think SSLv3 is more secure? Justify your answer.

Answer #1

a) Hacking tools are easily available online these days. With flaws in the protocol versions, an attacker can easily make use of this vulnerability and read encrypted secure communications as well as decrypt or modify the messages.

SSLv1 - never been released
SSLv2 - released, had major flaws
SSLv3 - rewrite of SSLv2 (to fix the flaws)
TLS 1.0 - improvement of SSLv3
Then came TLS 1.1, TLS 1.2, TLS 1.3

b) The Internet Engineering Task Force (IETF) deprecated both SSLv2 and SSLv3 because vulnerabilities have been discovered in the SSL protocols, for example, POODLE and DROWN. All websites now need to be on TLS 1.1 or higher to comply with the PCI Data Security Standard (DSS) from June 2018.
SSLv2, SSLv3, and TLS 1.0 are now outdated and vulnerable, so you must disable support for those protocols.
There are some known flaws in TLS 1.1 too, so disable it if you can. Only TLS 1.2 and 1.3 are secure as of now. You can always use SSL Server test tools available on the internet to know whether or not your server or host supports TLS 1.2/TLS 1.3.
(Please note: certificates are not dependent on protocols. Your server configuration determines the protocols, not the certificates.)

c) SSLv3 is not secure now. We should always configure our servers to support the latest protocol versions to ensure that we are using the strongest algorithms and ciphers, and disable the older versions. If we keep using old versions of the protocols, we can be victims of attacks, where hackers force connections to our servers and use older versions of the protocols having known exploits. This can make our encrypted connections open to man-in-the-middle and other types of attacks.
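Since the answer above places protocol selection in the server configuration, here is an added example (not part of the original answer) that audits a configuration for the versions it says to disable. It assumes an nginx server, whose `ssl_protocols` directive lists the enabled versions; the function name `audit_nginx_protocols` and the sample configuration are constructed for illustration.

```python
import re

# Versions the answer above says to disable, and the two it keeps.
DEPRECATED = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
ACCEPTED = {"TLSv1.2", "TLSv1.3"}

# An active (not commented-out) ssl_protocols directive, up to its semicolon.
DIRECTIVE = re.compile(r"^\s*ssl_protocols\s+([^;#]+);", re.MULTILINE)


def audit_nginx_protocols(config_text):
    """Return (line_number, finding) pairs; an empty list means no issue found."""
    matches = list(DIRECTIVE.finditer(config_text))
    if not matches:
        # Without the directive the server's built-in default decides.
        return [(0, "no ssl_protocols directive: set the versions explicitly")]
    findings = []
    for m in matches:
        line_no = config_text.count("\n", 0, m.start(1)) + 1
        enabled = m.group(1).split()
        weak = [p for p in enabled if p in DEPRECATED]
        unknown = [p for p in enabled if p not in DEPRECATED | ACCEPTED]
        if weak:
            findings.append((line_no, "deprecated enabled: " + " ".join(weak)))
        if unknown:
            findings.append((line_no, "unrecognised value: " + " ".join(unknown)))
        if not any(p in ACCEPTED for p in enabled):
            findings.append((line_no, "neither TLSv1.2 nor TLSv1.3 enabled"))
    return findings


# Constructed sample: one legacy virtual host, one hardened virtual host.
SAMPLE = """\
server {
    listen 443 ssl;
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;   # legacy host
}
server {
    listen 8443 ssl;
    # ssl_protocols SSLv2;
    ssl_protocols TLSv1.2 TLSv1.3;
}
"""

if __name__ == "__main__":
    for line_no, finding in audit_nginx_protocols(SAMPLE):
        print(f"line {line_no}: {finding}")
```

A server that still lists an old version alongside TLS 1.2 is flagged because a man-in-the-middle can only force a downgrade to a version the server is willing to negotiate.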
