23/02/2022

IP Security – HTTPS – Hypertext Transfer Protocol – Port 443

Is used explicitly for HTTPS services and hence is the standard port for encrypted HTTP traffic. It is also called HTTPS port 443, allowing secured communications which run through TCP port 443.

What does HTTPS Protect? HTTPS secures your data communications between client and server with encryption and to ensure that your traffic cannot read or access the conversation.

Port 443 Vulnerabilities

The Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols have had their share of flaws like every other technology. The following are major vulnerabilities in TLS/SSL protocols. They all affect older versions of the protocol (TLSv1.2 and older). At the time of publication, only one major vulnerability was found that affects TLS 1.3. However, like many other attacks listed here, this vulnerability is also based on a forced downgrade attack.

Recommended Actions

We continue to see customers using outdated or mis configured web server technologies leaving them open to abuse from users on the Internet, we recommend customers maintain up to date, patched, hardened and checked resources which are used to service users on the Internet. You could be vulnerable to the following vulnerabilities without even knowing it:

  • Heartbleed (CVE-2014-0160)
  • CCS (CVE-2014-0224)
  • Secure Renegotiation (CVE-2009-3555)
  • CRIME, TLS (CVE-2012-4929)
  • BREACH (CVE-2013-3587)
  • POODLE, SSL (CVE-2014-3566)
  • FREAK (CVE-2015-0204)
  • DROWN (2016-0800, CVE-2016-0703)
  • LOGJAM (CVE-2015-4000)
  • BEAST (CVE-2011-3389)
  • RC4 (CVE-2013-2566, CVE-2015-2808) 

The empsn Firewall where configured will allow external users to access your resources on the HTTPS TCP 443 port, it is the responsibility of the customer organisation to maintain the posture and security of the hosted server or device.

Reference Material

See attached link for vulnerability examples via Acunetix:

https://www .acunetix.com/blog/articles/tls-vulnerabilities-attacks-final-part/

NCSC is also a useful site and the latest threats can be found via their website:

https://www.ncsc.gov.uk/

CVE.mitre.org is also another useful site and by searching their “CVE list” and typing in the Vulnerability they can help identify and mitigate the issue:

https://cve.mitre.org/

https://www.cvedetails.com/product/66/Apache-Http-Server.html?vendor_id=45

Drown – DROWN SSL/TLS Vulnerability – emPSN

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

Our partners