Friday, August 9, 2019

Network Security Paper Essay Example | Topics and Well Written Essays - 1000 words

Network Security Paper - Essay Example This essay focuses on the increased concern over the effects of the heartbleed bug on the internet security (Codenomicon, 2014). This loophole allows stealing of secured information and data under normal settings, by the SSL/TLS encryption used to protect the Internet. The SSL/TLS covers privacy and communication security for applications found in the Internet such as the web, instant messaging (IM), email and virtual private networks (VPNs). The Heartbleed bug permits any user accessing the Internet to read the systems’ memory secured by the weaker versions of the OpenSSL applications. This jeopardizes the secret keys used to pinpoint the service providers and to encode the movement, the names and passwords of the users and the authentic content. This permits hackers to spy on data, steal information straight from the services and users and to impersonate services and users (Codenomicon, 2014). The Heartbleed bug is listed in the Common Vulnerabilities and Exposures system as CVE-2014-0160. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability Names preserved by MITRE. The technical name, CVE-2014-0160 is named from the line of code that the bug is contained. However, a secure version of OpenSSL was released on April 7, 2014, after the Heartbleed bug was publicly revealed. At the time close to 17% an estimated half a million of the Internets protected web servers licensed by trust authorities were alleged to be exposed to the bug. Hence, permitting the stealing of the servers digital keys used to encrypt data and gain access over users session cookies and passwords (BBC News, 2014). The loophole allows a hacker to gain access of up to 64 kilobytes of server memory. However, the hackers execute the attack repeatedly to access a substantial amount of information. Therefore, a hacker can gain access to users’ cookies from web browsers and servers that keep

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.