This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL Stripping recognized?

Hello there,

we are using different and totally separated wifi connections in our business unit (also from different providers). Since today we get a nottification from Sophos Mobile Security for every of these WIFI´s that there is SSL Stripping recognized. This is even the case when there is no browser used on this smartphone. Can this be an issue of todays software definitions? Of course we already had scanned the Smartphone with Sophos Mobile Security but there was found no problem.

Kind regards - Hannes



This thread was automatically locked due to age.
Parents
  • Hi, this is Thomas from the Mobile Product Management team.

    I have experienced the same issue with two well known and secure networks. We are not sure, what is triggering this as we have not made any changes recently.

    For the moment please regard this as false positive. We will investigate with all hands on deck tomorrow morning (Central European Timezone) and provide an update afterwards.

    Sorry for any inconvenience.

    Thomas

  • Hi, this is Thomas from the Mobile Product Management team.

    A quick update on this issue. We have identified the root cause of the issue and an update of our test data is currently processed to be distributed via Sophos cloud-based services.

    Please stay patient for some more time till this is processed. The app will update its data automatically and this issue will disappear.

    I will send another update, once we update has happened and Sophos Mobile Security will again work as expected

     

    Thomas 

  • Hi Thomas / TLI,

    Many thanks for the status update.

    I am also seeing this on my home network. I was becoming concerned since the routers settings were all correct and DNS servers IPs were not tampered with. I also rebooted and turned off the router to no effect.

    Having only my Android phone (Samsung Galaxy S9 Plus, Android 8.0 with November 1st patch level), my smart TV and my IP camera active on the local network still showed SSL Striping occurring. I had then considered the possibility of a false positive but it’s good to know that this is the case.

    My next step was going to be factory resetting the router. It’s firmware is up to date (although the router, Asus DSL-N55U (Annex-A) has not received a vendor update since January 2015). It has a very strong WPA2 key and strong router admin interface username and password. I will purchase a new router in the next 6 months as WPA3 emerges.

    Thanks for resolving this issue so quickly.

Reply
  • Hi Thomas / TLI,

    Many thanks for the status update.

    I am also seeing this on my home network. I was becoming concerned since the routers settings were all correct and DNS servers IPs were not tampered with. I also rebooted and turned off the router to no effect.

    Having only my Android phone (Samsung Galaxy S9 Plus, Android 8.0 with November 1st patch level), my smart TV and my IP camera active on the local network still showed SSL Striping occurring. I had then considered the possibility of a false positive but it’s good to know that this is the case.

    My next step was going to be factory resetting the router. It’s firmware is up to date (although the router, Asus DSL-N55U (Annex-A) has not received a vendor update since January 2015). It has a very strong WPA2 key and strong router admin interface username and password. I will purchase a new router in the next 6 months as WPA3 emerges.

    Thanks for resolving this issue so quickly.

Children