21. Insufficient Transport Layer Security (TLS)
Insufficient Transport Layer Security (TLS)
Category: #Network-Based-Attack
Attack:
An insufficiently secured transport layer can lead to attacks like Man-in-the-Middle (MitM), where attackers intercept or modify communications between the client and server. This is especially dangerous when sensitive data like credentials or financial information is transmitted.
Attack Code Example (Plaintext HTTP Interception):
# Attacker intercepts traffic
GET /login?username=user&password=pass HTTP/1.1
Host: example.comIn this example, the attacker intercepts credentials because the connection is over insecure HTTP instead of HTTPS.
Vulnerable Configuration Example (HTTP instead of HTTPS):
# Apache configuration allowing HTTP connections
<VirtualHost *:80>
DocumentRoot "/var/www/html"
ServerName example.com
</VirtualHost>Remediation Steps:
- Use HTTPS: Ensure all communications use HTTPS by obtaining an SSL/TLS certificate and redirecting all HTTP traffic to HTTPS.
- Strong TLS Configuration: Configure the server to use strong TLS settings (e.g., TLS 1.2 or higher) and disable weak ciphers and protocols like SSLv2 and SSLv3.
- HSTS (HTTP Strict Transport Security): Enforce HSTS to ensure that browsers only connect over HTTPS.
Safe Configuration Example (Apache with HTTPS and HSTS):
<VirtualHost *:443>
DocumentRoot "/var/www/html"
ServerName example.com
SSLEngine on
SSLCertificateFile "/path/to/cert.pem"
SSLCertificateKeyFile "/path/to/key.pem"
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</VirtualHost>