Ping a Specific Port

Question

unixman83

Asked: 2011-09-24 16:48:07 +0800 CST2011-09-24 16:48:07 +0800 CST 2011-09-24 16:48:07 +0800 CST

Safest ciphers to use with the BEAST? (TLS 1.0 exploit) I've read that RC4 is immune

772

Now that the BEAST is public knowledge, TLS 1.0 is NOT safe to use (nor is SSL 3.0). I have seen reports that the RC4 cipher is unaffected (and is widely supported). Is that true?

I know that TLS 1.1 is immune. But out of the 1,000,000 most popular SSL/TLS enabled websites, only a few (221) support TLS 1.1 or higher.

The exploit is restricted to browsers because it requires JavaScript or Browser Plugins via MITM. PayPal.com is vulnerable, as of this writing.

1 Answers

Voted

Shane Madden · Answer 1 · 2011-09-24T16:50:22+08:00

Best Answer

Shane Madden

2011-09-24T16:50:22+08:002011-09-24T16:50:22+08:00

Correct; RC4 is a stream cipher, and is not affected.

The flaw is in CBC message construction, so the ciphers using CBC (there's a bunch, but AES and 3DES are the most popular) are all affected.

5

Safest ciphers to use with the BEAST? (TLS 1.0 exploit) I've read that RC4 is immune

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?