In our previous post, we saw how to secure your OpenSSL servers from SWEET32 Birthday Attack. But OpenSSL isn’t the only server that’s affected by this bug.
Use of block cipher encryption algorithm makes OpenVPN servers also vulnerable to this attack. The OpenVPN vulnerability is tracked with the CVE number CVE-2016-6329. (more…)
Over 80% websites in the internet are vulnerable to hacks and attacks. In our role as hosting support engineers for web hosts, we perform periodic security scans and updates in servers to protect them from hacks.
A recent bug that affects the servers is the SWEET32 vulnerability. By exploiting a weak cipher ‘3DES-CBC’ in TLS encryption, this bug has caused many server owners to panic about their data security.
If you see that your website is failing security scans with this message, that means your server is vulnerable to SWEET32 attacks.
“SSL/TLS server supports short block sizes (SWEET32 attack)”