Forum

This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Sentora Support Forums General Forums - (Non-Sentora Support) General Discussions (Non-Support Related) v SSL 3.0 not secure

SSL 3.0 not secure
Me.B Offline
Sentora Freak
**
OS: Linux/windows
Version: 1.0.3
Server: Dedicated/VPS/Cloud
Posts: 4 ,004
Threads: 193
Joined: Jul 2014
Reputation: 83
Sex: Undisclosed
Thanks: 68
Given 433 thank(s) in 393 post(s)
#1
SSL 3.0 not secure
 10-15-2014, 06:12 PM
http://googleonlinesecurity.blogspot.fr/...sl-30.html

Google security team iunveiled a flaw in SSL 3.0.... NSA must be happy.

Details here:
https://www.openssl.org/~bodo/ssl-poodle.pdf

No solution unless switching fully to TLS.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Find
Reply
Thanks given by:
jacobg830 Offline
Sentora Staff
*****
OS: Ubuntu 14.04
Version: 1.0.3
Server: VPS
Posts: 218
Threads: 10
Joined: Jun 2014
Reputation: 6
Sex: Undisclosed
Thanks: 24
Given 26 thank(s) in 20 post(s)
#2
RE: SSL 3.0 not secure
 10-15-2014, 08:37 PM
https://wiki.mozilla.org/Security/Server_Side_TLS provides some good information on configuring your server. Thanks for alerting me about this Smile
Before posting, update your profile with your OS, Sentora version and server type!

Linode - Lightning-Quick SSD Servers for Only $10/mo
Find
Reply
Thanks given by:
Me.B Offline
Sentora Freak
**
OS: Linux/windows
Version: 1.0.3
Server: Dedicated/VPS/Cloud
Posts: 4 ,004
Threads: 193
Joined: Jul 2014
Reputation: 83
Sex: Undisclosed
Thanks: 68
Given 433 thank(s) in 393 post(s)
#3
RE: SSL 3.0 not secure
 10-15-2014, 11:45 PM
http://news.netcraft.com/archives/2014/1...odles.html

stats & more infos.
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Find
Reply
Thanks given by:
kandrews Offline
Dev Team
******
OS: CentOS 6.5
Version: 1.0.3
Server: zVPS.uk
Posts: 188
Threads: 7
Joined: Jul 2014
Reputation: 4
Sex: Male
Thanks: 2
Given 53 thank(s) in 30 post(s)
#4
RE: SSL 3.0 not secure
 10-17-2014, 01:09 AM
I did a quick blog post over on zVPS : http://blog.zvps.uk/security/2014/10/15/...bleed-bug/ explains how users can protect themselves on browsers as well as server admins switching off sslv3 for apache/nginx/dovecot/postfix/nodejs etc Smile

We disabled sslv3 on our servers back in May after reading up on ssl security Smile
[Image: zvps-icon.png]
Virtual Private Servers
DDoS protection and unlimited bandwidth.
zVPS.uk
Find
Reply
Thanks given by:


Forum Jump:


Users browsing this thread: 1 Guest(s)