Poodle Attack and end of ssl v3
der.hans
PLUGd at LuftHans.com
Thu Oct 16 13:41:54 MST 2014
Am 16. Okt, 2014 schwätzte Amit Nepal so:
moin moin Amit,
> Another one
>
> https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
Danke. Hadn't see the Mozilla response. Good read.
Comments point to 'change the preference security.tls.version.min from 0
(sslv3) to 1 (tls 1.0)' on about.config.
There's also a link to the RedHat response, which is a good read.
https://securityblog.redhat.com/2014/10/15/poodle-a-ssl3-vulnerability-cve-2014-3566/
ciao,
der.hans
> *Amit K Nepal
> Chief Information Officer
> (RHCE, CCENT, C|EH, C|HFI, GIAC ISO 27000 Specialist)
> omNovia Technologies Inc. *
>
--
# http://www.LuftHans.com/ http://www.PhxLinux.org/
# Dissent is patriotic.
More information about the PLUG-discuss
mailing list