nanog mailing list archives
Re: SSL 3 vulnerability released
From: Reed Loden <reed () reedloden com>
Date: Tue, 14 Oct 2014 16:51:35 -0700
On Tue, 14 Oct 2014 16:29:50 -0700 Grant Ridder <shortdudey123 () gmail com> wrote:
Just incase anyone hasn't seen yet... http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
One thing that's always useful to follow is Mozilla's TLS on servers recommendations (https://wiki.mozilla.org/Security/Server_Side_TLS). It's kept up-to-date pretty often and includes example configs for most web servers / load balancers (including ELBs). If you're able to (depending on who your customers are and what browsers they use), I would try to use at least the 'intermediate' configuration for anything that terminates SSL/TLS. ~reed
Current thread:
- SSL 3 vulnerability released Grant Ridder (Oct 14)
- Re: SSL 3 vulnerability released Reed Loden (Oct 14)