• Introduction to Secure Socket Layer/Transport Layer Security Protocol

    In few upcoming posts I will be talking about the how the SSL/TLS works. In this article I will cover very basic stuff about SSL. Though Wikipedia might be a better resource for this kind of information, but this is very condensed information and also serves as my personal notes :).

    Read on →

  • Detecting OpenSSL CCS Injection Vulnerability (CVE-2014-0224)

    Recently another major bug was found in OpenSSL library, CVE-2014-0224. Masashi Kikuchi discovered the vulnerability and has ellaborated here on how he discovered the vulnerability. This bug doesn’t have repercussions as Heartbleed bug, but still severe enough to patch the systems running vulnerable OpenSSL versions. There are many blog entries discussing this bug in detail, but over here I would like to put some light on how to detect this bug in the OpenSSL implementation on your own .

    Read on →

  • Wireshark Shows Network Packet Larger than MTU

    While working on my thesis I came across a weird problem, wireshark was showing packet size more than the MTU. One of the possible reason can be underlying network supports jumbo frames. But it wasn’t so in my case.

    Read on →