nogotofail: Google's Open Source Network Traffic Security Testing Tool

By

Lately, it seems that the only news we hear is what other multinational company has been hacked and how many records were accessed. We have always been security conscience, but it does appear that hackers and malware have been making us even more so lately. Unfortunately, this is neither something new, nor something that is likely to go away.

In their quest to make users, the Internet and digital devices in general more secure, a number of big Internet companies have recently announced a new collaboration that will focus on making open source projects easier for everyone. In fact, some companies have begun open sourcing their own projects.

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communication security over the Internet. Unfortunately, we are witnessing many known TLS/SSL vulnerabilities, misconfigurations and library bugs. One company that is working to resolve these issues is Google.

Originally, SSL and TLS were designed to protect the confidentiality of information in transit. Due to the fact that the SSL protocol is old it has been the target of numerous attacks in recent years. Although TLS is SSL’s successor and considered to be more robust and resistant to attack, the fact remains that the newer versions of TLS are not as widely supported as much older versions of SSL.

To help developers and security researchers identify applications that are vulnerable to known SSL/TLS attacks and configuration problems, Google is releasing a tool that checks for these problems. This week Google introduced a new tool for testing network traffic security called nogotofail.

Google has released it as an open source project available on GitHub. This means that anyone can use it, contribute new features, provide support for more platforms and essentially do anything else as long as the end result is to help improve the security of the Internet.

According to nogotofail’s documentation, “The core of nogotofail is the on path network MiTM named nogotofail.mitm that intercepts TCP traffic. It is designed to primarily run on path and centers around a set of handlers for each connection which are responsible for actively modifying traffic to test for vulnerabilities or passively look for issues. nogotofail is completely port agnostic and instead detects vulnerable traffic using DPI instead of based on port numbers. Additionally, because it uses DPI, it is capable of testing TLS/SSL traffic in protocols that use STARTTLS.”

nogotofail was built by the Android Security Team, and Google says it has been using nogotofail internally for some time and has worked with developers to improve the security of their apps. The attack engine itself can be deployed in a variety of different ways.

In a blog posting, Chad Brubaker of the Android security team said “The Android Security Team has built a tool, called nogotofai that provides an easy way to confirm that the devices or applications you are using are safe against known TLS/SSL vulnerabilities and misconfigurations. nogotofail works for Android, iOS, Linux, Windows, Chrome OS, OSX, in fact any device you use to connect to the Internet. There’s an easy-to-use client to configure the settings and get notifications on Android and Linux, as well as the attack engine itself which can be deployed as a router, VPN server, or proxy.”

One thing that makes attacks on SSL/TLS so challenging is that generally users don’t know that the attacks are taking place. We have seen this over the past 12 months from companies such as Target, Home Depot and JPMorgan Chase. While some attacks were caught within a week, others lasted for several months. The Google nogotofail tool is designed to help developers identify the weak spots in their applications’ implementations before an attacker can take advantage.




Edited by Maurice Nagle

TechZone360 Contributing Writer

SHARE THIS ARTICLE
Related Articles

Executing a Successful Cloud Migration Strategy

By: Special Guest    1/14/2020

If you have been running your business for a while, your eyes might turn to the cloud migration strategy for any specific purpose. The main objecti…

Read More

Redefining Holograms for the Modern Era

By: Special Guest    1/13/2020

Few technologies have captivated both the attention and imagination of humanity as the Hologram. The question is, how can how can holographic systems …

Read More

How Safety-Centered Technology is Changing the Transportation Industry

By: Special Guest    1/8/2020

Digitization is taking over many industries and making a significant mark in our homes and workplaces. The rise of digital technology continues to evo…

Read More

Cisco Shapes the Future Network with Silicon One Chip and Router Line

By: Laura Stotler    12/20/2019

Cisco has announced its new Silicon One chip and 800 series of carrier class routers, designed to support the future of the Internet and networking. T…

Read More

5 Tools to Keep Your Team Aligned And Performing Like Clockwork

By: Special Guest    12/20/2019

Teamwork. Cohesiveness. Streamlined collaboration. A unified front. These factors can pretty much make or break your business. The more aligned your t…

Read More