Ping Pong

Added on 2023-04-08

12 Pages647 Words318 Views

Task 1: Ping... Pong

Task 2: Heartbleed
1) The web server and web browser exchanges information with the computers where all the
information of web browser is stored and the conversation between browser and client to avoid
hacker stealing important information, many websites use a sort of software called open SSL to
provide an SSL encryption basically SSL translates the important information to gibberish that
only web browser and computer can understand.
When Open SSL transfer encrypted password “APPLE” to server even attacker steals this
password. He/she can’t read it and it is safe but his/her during checkup there’s a second parallel
communication which is called heartbeat. When browser is connected with the other computer
and he constantly checks if the computer hasn’t fallen asleep because this communication didn’t
have any confidential information which wasn’t encrypted and unfortunately hacker could
manipulate this request on the website that uses open SSL filled file contains 500 letter word
“APPLE” and extra letters could be anything ranging from useless stuff but they gathered many
confidential information. That’s why, heartbleed is a vulnerability.
2) In order to fix the Heartbeat vulnerability, we need to upgrade the latest version of OpenSSL.
Similarly, we can regenerate the CSR with the help of an upgraded version of OpenSSL and we
need to get signed certificate from certificate authority, we need to implement on web servers.