Your SSL Servers Can Be Hacked Using an Average Laptop: Tips for Safety

by michael on February 16, 2012

in News, Security

A common misconception among novice VPN users is that purchasing a VPN package automatically makes you safe from all forms of internet threats. This is false advertising from so-so VPN companies that want to market their VPN products as fully capable of the protection you deserve, when the truth is that these services remain vulnerable to attacks by intelligent hackers equipped with the right tools.

A key example in this area is the use of an average, everyday laptop on a DSL connection as a means of hacking a supposedly secure SSL server. This issue became evident in late 2011 when a new Denial of Service (DoS) tool, known more specifically as THC-SSL-DOS in geek circles, was shown to be able to crack SSL protocols and break them down to the point that they became open to any sort of data request.

The logic behind hacking SSL servers with an average laptop running THC-SSL-DOS on a DSL connection is actually pretty simple. SSL servers have a feature known as renegotiation, which is used to control the transfer of data so that no intrusions from outside the channel can penetrate the tunnel. With the DoS tool, the code constantly renegotiates with the SSL server up to the point that the server gives up and breaks down. It works much like a brute-force hack, where massive amounts of data are used to break a system that was designed to handle a specific amount of data at pre-defined values.
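The constant renegotiation described above leaves a recognizable pattern on the server side: one connection requesting many renegotiations in a short time. As an added example (not code from the original post or from any VPN product), this Python function flags such connections in a handshake event log; the log format, the threshold of 3 renegotiations per 10 seconds and the addresses are constructed assumptions.

```python
from collections import defaultdict, deque


def flag_renegotiation_floods(lines, max_renegs=3, window=10.0):
    """Return {connection: peak count} for every connection that requested
    more than max_renegs renegotiations within any window-second span."""
    recent = defaultdict(deque)  # connection -> timestamps still inside the window
    flagged = {}
    for line in lines:
        if not line.strip():
            continue
        ts, conn, event = line.split()
        if event != "renegotiation":
            continue
        ts = float(ts)
        seen = recent[conn]
        seen.append(ts)
        while ts - seen[0] > window:  # drop requests older than the window
            seen.popleft()
        if len(seen) > max_renegs:
            flagged[conn] = max(flagged.get(conn, 0), len(seen))
    return flagged


def constructed_sample():
    """Constructed log lines (not real server output), one event per line:
    '<seconds> <client ip:port> <event>'. Addresses are documentation ranges."""
    lines = ["100.0 203.0.113.5:51000 handshake",
             "100.0 198.51.100.7:40112 handshake"]
    # One connection renegotiating ten times a second for three seconds.
    lines += [f"{100.1 + i * 0.1:.1f} 198.51.100.7:40112 renegotiation"
              for i in range(30)]
    # A long-lived connection that renegotiates once.
    lines.append("160.0 203.0.113.5:51000 renegotiation")
    return lines


if __name__ == "__main__":
    for conn, peak in flag_renegotiation_floods(constructed_sample()).items():
        print(f"{conn}: {peak} renegotiations within 10 s")
```

A connection flagged this way can be dropped or rate-limited before the repeated handshakes exhaust the server.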

So what does this mean for VPN servers running purely on SSL? In the interim, this means bad news. Quite simply, hackers can break down the SSL wall without any hassle, leaving your supposedly secure data open and vulnerable to identity theft.


In response, VPN companies are already hot on finding fixes that prevent the DoS tool from exploiting the vulnerabilities of the SSL server, particularly in the renegotiation feature. In the meantime, users are advised to deliberately switch their SSL connections to more sophisticated recent releases like OpenVPN and SSTP.

More to the point, users need to be mindful of certain attributes when choosing their preferred VPN provider.


  1. Choosing more established brands over new ones is definitely recommended. The best brands have established infrastructure that is better suited to resisting hacks than that of brands that are relatively new in the business.
  2. Choose VPN brands that allow seamless switching between VPN protocols at no extra cost. IAPS and Hidemyass, for example, offer packages that are open to all protocol configurations, so if you are not confident in SSL, you can use the same package to run your connections in OpenVPN and SSTP.
  3. Check with your provider whether they are open about admitting the vulnerabilities with SSL and are equally prudent at explaining how this affects you and prescribing actions that can be used to mitigate the situation. The best providers will take the time to explain that you are secure and protected so you do not have to worry about the integrity of your data.

Even VPN services get the occasional jolt, and addressing these vulnerabilities remains a top priority for many VPN brands. The caveat is to always be vigilant, because you can never be too sure with data security. At the very least, you can be more deliberate about your internet habits so you avoid activities that can open you up to hacking and identity theft. Beyond SSL hacks through laptops on a DSL connection, this is the best thing that you can do to protect yourself from the malicious intent of many web criminals.

Top 5 VPNs to Save Yourself

You can save your internet connection by using a VPN. Here is a list of the top 5 VPN providers.

| Rank | Provider | Starting Price |
|------|----------|----------------|
| 1 | ExpressVPN | $6.67/Month |
| 2 | Hidemyass | $11.52/Month |
| 3 | IPvanish | $10.00/Month |
| 4 | StrongVPN | $21/3 Months |
| 5 | VyprVPN | $14.95/Month |