1 / 4

Instart Logic Customers not Impacted by ‘FREAK’ Attack

Factoring Attack on RSA-EXPORT Keys, TLC/SSL vulnerability affects certain SSL clients, misconfigured web servers and web delivery services. However, Instart Logic customers who are on software-defined application delivery service (SDAD) are not vulnerable to the FREAK attack as the network is configured to disable these weak encryption protocols. Gain insight on SDAD platform: http://www.instartlogic.com/technology/software-defined-application-delivery/

Download Presentation

Instart Logic Customers not Impacted by ‘FREAK’ Attack

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. INSTART LOGIC CUSTOMERS NOT IMPACTED BY ‘FREAK’ ATTACK BY GABRIEL COELHO-KOSTOLNY

  2. A TLS/SSL vulnerability was announced yesterday, titled FREAK (Factoring Attack on RSA-EXPORT Keys CVE-2015-0204). Much like POODLE and other recent TLS/SSL attacks, this vulnerability affects certain SSL clients (particularly older web browsers), as well as misconfigured web servers and web delivery services. Instart Logic customers on our software-defined application delivery service (SDAD) are not vulnerable to the FREAK attack as our network is configured to disable these weak encryption protocols.

  3. While the Instart Logic service is not vulnerable to this attack, customers’ origin servers may still be vulnerable. We encourage all our customers to assess their origin servers and other devices and take steps to remediate this vulnerability if it is present. To determine whether your web server is vulnerable, customers can use the following OpenSSL command, substituting their website name for “www.instartlogic.com”: openssls_client -cipher EXPORT -connect www.instartlogic.com:443 Vulnerable servers will return a server certificate, while servers that are not vulnerable will return an error. Instart Logic is committed to protecting our customers. We continually monitor and deploy the latest and most innovative encryption techniques to ensure that our customers are always secure. If you have any questions, please contact Support at support@instartlogic.comor via phone at 1.888.576.3166 or +1.650.919.8854.

  4. Visitour Blog for more information

More Related