For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Mitigating sslsqueeze and other no-crypto, brute force SSL handshake attacks

I’ve spent a bunch of cycles lately trying to analyze how resistant we are to a new class of SSL handshake attacks. You see, I have a thing for these weird, asymmetric crypto attacks. To this day, th...
Published May 19, 2014
Version 1.0
attack
dos
handshake
security
ssl
sslsqueeze
tls
Hyder_141209's avatar
Hyder_141209
Icon for Altostratus rankAltostratus
Sep 02, 2014
Hey David, Thanks very much for your nice article. I am trying to build the sslsqueeze.c in ubuntu machine (14.04) to test the iRule mitigation. Could you please explain the steps to build the program (including library required etc.) or send me details to my email address hyder at aurasoftwaresecurity dot co dot nz? Cheers. Best regards Hyder