Jump to content
kasper148

KSOS 3 save against Poodle attacks while SSL scanning enabled?

Recommended Posts

Actual browsers like FF 35 doesn't support fall back to SSLv3 protocol.

 

But:

If encrypted SSL scanning is enabled, KSOS works as MITM and "looks" into ssl content, so browsers security features are superseeded, because KSOS itself connects to web server and browser connect to KSOS as a proxy.

German magazin c't did warn about an issue, Kaspersky would affect browsers TLS connection if ssl scan is enabled.

 

Is KSOS v3 [13.0.4.233 patch c] vulnerable against Poodle attacks, if ssl scanning is enabled?

http://support.kaspersky.com/10466#block0

 

Whats about the modified Poodle attack against TLS (!) fall back?

 

Testsites:

https://www.poodletest.com/

https://zmap.io/sslv3/

https://www.howsmyssl.com/

https://www.ssllabs.com/ssltest/viewMyClient.html

 

Thx...

Edited by kasper148

Share this post


Link to post

Please see quote below:

 

Hello, someoneXgr,

 

The SSL 3.0 vulnerability is something that browsers have to cover for the home-user. For example, Firefox is going to disable it completely ("SSLv3 will be disabled by default in Firefox 34, which will be released on Nov 25."): https://blog.mozilla.org/security/2014/10/1...end-of-ssl-3-0/

Kaspersky continues to protect from this sort of attack the same way as before. The SSL vulnerability can only be exploited if your computer is already compromised by a man-in-the-middle attack. Our product would intercept the man-in-the-middle attack, therefore the SSL vulnerability would be irrelevant anyways.

 

The results of PoodleTest.com with enabled "Scan encrypted connections" may seem contradictory because our product serves as man-in-the-middle itself at the moment when initial connection to the site takes place.

 

To put it in a nutshell — our product will react if the real attack happens.

Share this post


Link to post

Thanks, I did read this statement some days ago, but it doesn't cover if or if not an unsecure connection is possible from MITM-KSOS ssl proxy to web server.

Kas Security center 10 for example did get new crypto dlls, pls refer to:

http://support.kaspersky.com/11591

 

And what's about the modified Poodle attack against TLS ?

https://en.wikipedia.org/wiki/POODLE#POODLE...ack_against_TLS

 

Regards!

Edited by kasper148

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.