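"The server is vulnerable to the BEAST attack."
The Browser Exploit Against SSL/TLS (BEAST) attack affects the SSL 2.0, SSL 3.0 and TLS 1.0 protocols and allows a malicious attacker to decrypt the contents of an SSL-encrypted or TLS-encrypted session between a web browser and a website. The attacker exploits a vulnerability in block-based cipher suites.
This is a client-side attack in which the attacker must control the victim's browser. Most browsers are vulnerable to the BEAST attack.
In a BEAST attack, the attacker acts as a man in the middle and uses specially crafted plaintext input to decrypt the contents of an SSL-encrypted or TLS-encrypted session between a web browser and a website. This type of attack lets the attacker recover sensitive information (for example, HTTP authentication cookies).
Disable all block-based cipher suites in the server's SSL/TLS configuration. Use this workaround only if you cannot enable TLS 1.2 or TLS 1.3 on both the server and the browsers.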
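An added example, not DigiCert's code: a small Python audit that applies the rule above to a constructed inventory of enabled protocol versions and IANA cipher suite names. The function names, the sample hosts and the mapping from finding to recommended action are assumptions made for illustration.

```python
# Added example: flag BEAST-exposed cipher suites in a TLS configuration.
LEGACY = {"SSLv2", "SSLv3", "TLSv1.0"}   # protocol versions the page lists as affected
MODERN = {"TLSv1.2", "TLSv1.3"}          # versions the page recommends enabling


def is_legacy_block_suite(iana_name):
    """True for a CBC (block mode) suite that can be negotiated before TLS 1.2."""
    if "_CBC_" not in iana_name:
        return False  # stream (RC4) and AEAD (GCM, CHACHA20) suites are not block-based
    # CBC suites with a SHA256/SHA384 MAC are defined for TLS 1.2 only.
    return not iana_name.endswith(("_SHA256", "_SHA384"))


def audit(protocols, suites):
    """Return the finding for one server's enabled protocols and suites."""
    enabled = set(protocols)
    legacy = sorted(enabled & LEGACY)
    exposed = [s for s in suites if is_legacy_block_suite(s)] if legacy else []
    if not exposed:
        action = "none"
    elif enabled & MODERN:
        action = "disable legacy protocols"      # assumption: clients can use TLS 1.2+
    else:
        action = "disable block cipher suites"   # the page's workaround
    return {"vulnerable": bool(exposed), "legacy_protocols": legacy,
            "exposed_suites": exposed, "action": action}


# Constructed sample inventory (hypothetical hosts, not from the page).
SAMPLE = {
    "legacy-app.example": (["SSLv3", "TLSv1.0"],
                           ["TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA"]),
    "mixed.example": (["TLSv1.0", "TLSv1.2"],
                      ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                       "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                       "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"]),
    "modern.example": (["TLSv1.2", "TLSv1.3"],
                       ["TLS_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"]),
}

if __name__ == "__main__":
    for host, (protocols, suites) in SAMPLE.items():
        print(host, audit(protocols, suites))
```

The `mixed.example` host shows why the check looks at protocol versions as well as suite names: only the CBC suite that can be negotiated at TLS 1.0 is reported.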