Share
Explore BrainMass

Threats to Web security

Consider the following threats to Web security and describe how each is countered by a particular feature of SSL.

a. Man-in-the-middle attack: An attacker interposes during key exchange, acting as the client to the server and the server to the client.
b. Password sniffing: Passwords in TTP or other application traffic are eavesdropped.
c. IP spoofing: Uses forged IP addresses to fool a host into accepting bogus data.
d. IP hijacking: An active, authenticated connection between two hosts is disrupted and the attacker takes the place of one of the hosts.
e. SYN flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the â??half-open connectionâ? around for a few minutes. Repeated SYN messages can clog the TCP module.

Solution Preview

SSL Provides security measures between a client and a server across the web by checking the client/server certificate for authentication to confirm the identities.

"SSL provides secure communications, authentication of the server, and data integrity of the message packet".'The two functions of SSL is to ...

Solution Summary

Consider the following threats to Web security and describe how each is countered by a particular feature of SSL.

$2.19