1. Enabled with SSL, HTTPS protocol is widely used to provide secure Web services to Web users using Web browsers on the Internet. How is a secure communication channel established at the start of communication between a Web server running HTTPS and a Web browser? Consider the following threats to Web security and how each of these threats is countered by a particular feature of SSL. Man-in-the-middle attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client. Password sniffing: Passwords in HTTP or other application traffic are “eavesdropped.” SYN flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the “half-open” connection around for a few minutes. Repeated SYN messages can clog the TCP module.
1. Enabled with SSL, HTTPS protocol is widely used to provide secure Web services to Web users using Web browsers on the Internet. How is a secure communication channel established at the start of communication between a Web server running HTTPS and a Web browser? Consider the following threats to Web security and how each of these threats is countered by a particular feature of SSL. Man-in-the-middle attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client. Password sniffing: Passwords in HTTP or other application traffic are “eavesdropped.” SYN flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the “half-open” connection around for a few minutes. Repeated SYN messages can clog the TCP module.
Chapter7: The Internet, Intranets, And Extranets
Section: Chapter Questions
Problem 3AYRM
Related questions
Question
1. Enabled with SSL, HTTPS protocol is widely used to provide secure Web services to Web users using Web browsers on the Internet. How is a secure communication channel established at the start of communication between a Web server running HTTPS and a Web browser?
Consider the following threats to Web security and how each of these threats is countered by a particular feature of SSL.
- Man-in-the-middle attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client.
- Password sniffing: Passwords in HTTP or other application traffic are “eavesdropped.”
- SYN flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the “half-open” connection around for a few minutes. Repeated SYN messages can clog the TCP module.
Expert Solution
This question has been solved!
Explore an expertly crafted, step-by-step solution for a thorough understanding of key concepts.
Step by step
Solved in 2 steps
Recommended textbooks for you
Management Of Information Security
Computer Science
ISBN:
9781337405713
Author:
WHITMAN, Michael.
Publisher:
Cengage Learning,
Principles of Information Systems (MindTap Course…
Computer Science
ISBN:
9781305971776
Author:
Ralph Stair, George Reynolds
Publisher:
Cengage Learning
Management Of Information Security
Computer Science
ISBN:
9781337405713
Author:
WHITMAN, Michael.
Publisher:
Cengage Learning,
Principles of Information Systems (MindTap Course…
Computer Science
ISBN:
9781305971776
Author:
Ralph Stair, George Reynolds
Publisher:
Cengage Learning
LINUX+ AND LPIC-1 GDE.TO LINUX CERTIF.
Computer Science
ISBN:
9781337569798
Author:
ECKERT
Publisher:
CENGAGE L
A+ Guide to Hardware (Standalone Book) (MindTap C…
Computer Science
ISBN:
9781305266452
Author:
Jean Andrews
Publisher:
Cengage Learning
Enhanced Discovering Computers 2017 (Shelly Cashm…
Computer Science
ISBN:
9781305657458
Author:
Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:
Cengage Learning