FREAK on Colombian domain names and Heartbleed one year later
March 4, 2015
I am writing again about some statistics, this time for the new SSL/TLS vulnerability (FREAK Attack) as it affects critical Colombian domain names. This post uses the same methodology as Overview of OpenSSL security bug (CVE-2014-0160) on critical Colombian domain names.
FREAK Attack on restricted Colombian domain names
Identifying vulnerable domains
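A Python script was used to identify, in a non-intrusive way, the affected Colombian domain names (gov.co, edu.co, mil.co, and org.co):
# Classify one domain; the helper functions are defined elsewhere in the script.
result = ''
IP = domain_exists(domain)  # resolved address, or False if the domain does not resolve
if IP != False:
    if check_connectivity(IP):  # does the host offer a secure channel (HTTPS)?
        if check_FREAK(IP):
            result = 'VULNERABLE'
        else:
            result = 'NOT-VULNERABLE'
    else:
        result = 'SECURE-CHANNEL-UNSUPPORTED'
else:
    result = 'NON-EXISTENT'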
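One way the `check_FREAK` step could work, as an added example that is not the script used for this post: offer only RSA_EXPORT cipher suites in a TLS 1.0 ClientHello and see whether the server selects one. It assumes the check means "the server accepts an export suite"; `build_client_hello`, `classify_response`, `check_export` and the sample byte strings are names and data constructed for this illustration.

```python
import os
import socket
import struct

# RSA_EXPORT suites defined in RFC 2246 (40-bit ciphers, 512-bit RSA key exchange).
EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}
# Constructed replies (not captured traffic): ServerHello choosing 0x0003, fatal alert.
SAMPLE_ACCEPT = (b"\x16\x03\x01\x00\x2a\x02\x00\x00\x26\x03\x01" + bytes(32)
                 + b"\x00\x00\x03\x00")
SAMPLE_REFUSE = b"\x15\x03\x01\x00\x02\x02\x28"

def build_client_hello(suites=EXPORT_SUITES):
    """TLS 1.0 ClientHello that offers only the given cipher suites."""
    ids = b"".join(struct.pack("!H", s) for s in suites)
    body = (b"\x03\x01" + os.urandom(32)      # client_version, random
            + b"\x00"                          # empty session_id
            + struct.pack("!H", len(ids)) + ids
            + b"\x01\x00")                     # one compression method: null
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def classify_response(data):
    """Map the server's first TLS record to the result labels used in the post."""
    if len(data) < 5:
        return "SECURE-CHANNEL-UNSUPPORTED"
    rec_type, _, rec_len = struct.unpack("!BHH", data[:5])
    payload = data[5:5 + rec_len]
    if rec_type == 0x15:                       # alert: export suites refused
        return "NOT-VULNERABLE"
    if rec_type != 0x16 or len(payload) < 39 or payload[0] != 0x02:
        return "SECURE-CHANNEL-UNSUPPORTED"
    sid_len = payload[38]                      # after 4 hdr + 2 version + 32 random
    chosen = payload[39 + sid_len:41 + sid_len]
    if len(chosen) == 2 and struct.unpack("!H", chosen)[0] in EXPORT_SUITES:
        return "VULNERABLE"
    return "NOT-VULNERABLE"

def check_export(host, port=443, timeout=5):
    """Send one ClientHello and classify the reply; no handshake is completed."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_client_hello())
            return classify_response(s.recv(4096))
    except OSError:
        return "SECURE-CHANNEL-UNSUPPORTED"
```

A `SECURE-CHANNEL-UNSUPPORTED` result from `check_export` can also mean the server closed the connection without sending an alert, so HTTPS support should be confirmed separately, as the post's script does with `check_connectivity`.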
Results
2975 domain names were tested against the vulnerability. The results are impressive: of the 1815 domains that support HTTPS, only 46 are affected (a man-in-the-middle attack is possible while the domain is using SSL/TLS).
This is the detail of the results, classified by third-level domain:
gov.co, 662 not vulnerable, 18 vulnerable.
edu.co, 689 not vulnerable, 15 vulnerable.
mil.co, 58 not vulnerable, 1 vulnerable.
org.co, 360 not vulnerable, 12 vulnerable.
Finally, we got the distribution of the vulnerable Colombian third-level domains:
Heartbleed a year later
One year later, the same script and data were used to test for the Heartbleed vulnerability (Overview of OpenSSL security bug (CVE-2014-0160) on critical Colombian domain names). This is what I found:
Only 2 domain names were found to be free of the Heartbleed vulnerability; 16 are still vulnerable.
177 domain names have implemented HTTPS.
115 domain names were deleted (or DNS A record does not exist).
86 domain names dropped HTTPS support.