oss-sec mailing list archives
Re: Truly scary SSL 3.0 vuln to be revealed soon:
From: Reed Loden <reed () reedloden com>
Date: Tue, 14 Oct 2014 07:38:18 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 14 Oct 2014 13:15:41 +0200 Hanno Böck <hanno () hboeck de> wrote:
A number of people already recommend disabling SSLv3, e.g. the Qualys configuration guide. Disable it now - no matter if the rumors about a serious vuln are true, you'll be safe.
https://wiki.mozilla.org/Security/Server_Side_TLS has some great info on configuring your web servers and load balancers to have the best possible SSL/TLS settings, including specific example configs to help you out. ~reed -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iKYEARECAGYFAlQ9NV5fFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldDZCNTZGOUFDMDdCNjg1RDdEQzQ1NjBEQTZC QTIyMjI2RjNDMzNENUEACgkQa6IiJvPDPVpviQCgkXv+V3uzoLKuNAITQt33kSn5 upwAn0TxonRRgEPZYyqUaTIsRlgKkqm7 =fmf8 -----END PGP SIGNATURE-----
Current thread:
- Truly scary SSL 3.0 vuln to be revealed soon: Sona Sarmadi (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Hanno Böck (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Reed Loden (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Alex Gaynor (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Reed Loden (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Reed Loden (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Hanno Böck (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Hanno Böck (Oct 14)
- RE: Truly scary SSL 3.0 vuln to be revealed soon: Sona Sarmadi (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Walter Parker (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Brandon Whaley (Oct 15)
- list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Solar Designer (Oct 15)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Alexander Cherepanov (Oct 28)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Kurt Seifried (Oct 28)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Alexander Cherepanov (Oct 28)
- RE: Truly scary SSL 3.0 vuln to be revealed soon: Sona Sarmadi (Oct 14)