Check if your server is vulnerable to FREAK Attack

FREAK Attack, a new SSL/TLS vulnerability that allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weak encryption, which the attacker can break to steal or manipulate sensitive data.

Servers:-

Servers that accept RSA_EXPORT cipher suites put their users at risk from the FREAK attack. You can perform free SSL FREAK Check on your HTTPS servers to verify if they accept weak encryption.

Clients:-

Not all Client browsers are vulnerable at the moment, you can keep checking here for update if your Chrome, Firefox, IE or Safari browser is vulnerable. If possible, keep your browsers uptodate with latest version. You can perform free SSL FREAK Check on your client computer to verify if they accept weak encryption. You need to click on 2 links provided on this website and if the page loads, then you are vulnerable!

References:
https://www.smacktls.com/#freak
https://freakattack.com/

 

Leave a Reply