(2014-10-15)Testing for poodle:If you are vulnerable, you should see normal connection output, including the line:
If you don't get a SSL connection error, you are accepting v3.To fix: In /etc/httpd/conf.d/ssl.conf, adjust:
[root@voyager conf.d]# curl -v3 -X HEADhttps://wiki.xdroop.com * About to connect() to wiki.xdroop.com port 443 (#0) * Trying 207.107.149.132… connected * Connected to wiki.xdroop.com (207.107.149.132) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS error -12286 * Closing connection #0 * SSL connect error curl: (35) SSL connect error
* SSL 3.0 connection using SSL_NULL_WITH_NULL_NULL
# SSL Protocol support: # List the enable protocol levels with which clients will be able to # connect. Disable SSLv2 access by default: SSLProtocol all -SSLv2 -SSLv3
no comments |
post comment
Virtual Dave Megaplex:
- Home Page
- This wiki's start page
- Send Feedback To Dave
Logged in Users: (0)
Recently Changed
Check Internet Service Database Match- Device-Local Certificate Expired
- CLI Policy Lookup
- DH Selection For IPsec VPNs
- Scan For Newly Added Disk
- nmap
- Seconds Since Epoch to Local Time
- Link Monitor
- DH group to OAKLEY_GROUP table
- Fire Eater
- start
- FortiClient Error Codes
- dhparams Generation
- SSL Certificate Bundles
- ufw
- Grow A LVM Partition
- Creating Users
- whoami
- list databases
- 2023
- 2022
- 2019
- 2018
- 2017
- 2011
- 2010
- 2008
- 2001
- 2000
- 1999
Editing: snipsnap-help, Image Macro(Et auditum est, et idcirco ego nunc simulare)
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.