Logjam Attack
The Logjam Attack basically allows an attacker to downgrade a secure connection to a VPN or secure website so that the attacker is able to read or modify your communication. The issue was found in the way how Diffie-Hellman key exchange has been deployed. It has been extensively described at https://weakdh.org/.
Scan your servers for Logjam
You can test if your server is vulnerable via the Qualys SSLServer test or via a form on the weakdh.org website.
The output from weakdh.org is a JSON object that is far more easier to parse than the results from Qualys. I asked the people from weakdh.org if I could use their test to verify a list of hosts (approx. 500) with a 5 second interval to check if a host is vulnerable to Logjam. They agreed to it. You can get my small Python script from Github. If you plan on using this script to scan your environment I suggest you ask them permission first and use a sane waiting time between the different queries.
You can get the script from Github. It uses three parameters
- weakdh_hosts : a text file with the hosts to check
- pause_interval : the interval to wait between a query
- base_url : the URL from weakdh.org
Note that the script only checks for really vulnerable sites. Sites that have 1024-bit Diffie-Hellman might be vulnerable to “nation-state” attackers also. This script does not raise a warning for these sites.
I’ve been exploring for a little bit for any high-quality articles or weblog posts in this kind of area .
Exploring in Yahoo I at last stumbled upon this web site.
Reading this information So i’m happy to exhibit that
I have an incredibly good uncanny feeling I found out just what I needed.
I most without a doubt will make sure to don?t fail to remember this
website and provides it a glance regularly.