Contenido principal

FREAK on Colombian domain names and Heartbleed one year later

Marzo 4, 2015

I am here writing again about some statistics, this time is for the new vulnerability found on SSL/TLS (FREAK Attack) against critical Colombian domain names. Same methogolody of Overview of OpenSSL security bug (CVE-2014-0160) on critical Colombian domain names is used in this post.

FREAK Attack on restricted colombian domain names

Identifying vulnerable domains

A python script was used to identify in a non-intrusive way the affected Colombian domain names (,,, and

    for domain in domains:
        result = ''
        IP = domain_exists(domain)
        if IP != False:
            if check_connectivity(IP):
                if check_FREAK(IP):
                    result = 'VULNERABLE'
                    result = 'NOT-VULNERABLE'
                result = 'SECURE-CHANNEL-UNSUPPORTED'
            result = 'NON-EXISTENT'


2975 domain names were tested against the vulnerability, the results are impressive, from 1815 domains that support HTTPS only 46 are affected (it is possible to make a man in the middle attack while the domains is using SSL/TLS):

This is the detail of the results classified by each Third-level domain:

:arrow:, 662 not vulnerable, 18 vulnerable.
:arrow:, 689 not vulnerable, 15 vulnerable.
:arrow:, 58 not vulnerable, 1 vulnerable.
:arrow:, 360 not vulnerable, 12 vulnerable.

Finally, we got the distribution of the vulnerable Colombian third-level domains:

Heartbleed a year later

One year later the same script and data were used to test the heartbleed vulnerability (Overview of OpenSSL security bug (CVE-2014-0160) on critical Colombian domain names), this is what I found:

:arrow: Only 2 domain names were found to be free of the Heartbleed vulnerability, 16 are still vulnerable.
:arrow: 177 domain names have implemented HTTPS.
:arrow: 115 domain names were deleted (or DNS A record does not exist).
:arrow: 86 domain names dropped HTTPS support.

Archivado en: Seguridad |

Deja un comentario