In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-09-16 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
We have just learned about SSLv3-Poodle * * from OpenSSL's official website. Please pay attention to it. For more information, please visit https://www.openssl.org/~bodo/ssl-poodle.pdf
This vulnerability runs through all SSLv3 versions. By using this vulnerability, you can successfully obtain transmitted data (such as cookies) by using similar methods such as man-in-the-middle * * (as long as both ends of the hijacked data encryption use SSL3.0). As of the post, no patches have been released.
WoSign recommends that you turn off client-side SSLv3 support, or turn off server SSLv3 support, or both.
Turn off server SSLv3 support:
Nginx:
Ssl_protocols TLSv1 TLSv1.1 TLSv1.2
Ssl_prefer_server_ciphers on
Ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256
SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE
RSAMuAES128FUSALLLV RC4MUBE SARAPHUAES128US128USLAV RC4MUBG SHAV aNULLRO eNULLV EXPORTOR "DESOR" 3DESIN "MD5RV" DSSRAPOR PKS
Ssl_session_timeout 5m
Ssl_session_cache builtin:1000 shared:SSL:10m
Apache:
SSLProtocol all-SSLv2-SSLv3
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256
SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE
RSAcopyright AES128Mutual SHAVOR RC4MUBE SAMULAR A NULLRO MD5RU DSS
Turn off client SSLv3 support:
Google has said that chorme browsers have technologically blocked browsers from automatically downgrading to SSL3.0 links. Manually turn off the methods supported by SSL 3.0.
Windows users:
1) completely close the Chrome browser
2) copy a shortcut that normally opens the Chrome browser
3) right-click on the new shortcut to enter the properties
4) enter the following command at the end of the field in the space after "destination"-- ssl-version-min=tls1
Mac OS X users:
1) completely close the Chrome browser
2) find the terminal that comes with this machine (Terminal)
3) enter the following command: / Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome-- ssl-version-min=tls1
Linux users:
1) completely close the Chrome browser
2) enter the following command in the terminal: google-chrome-ssl-version-min=tls1
Firefox browser users can enter about: settings by entering about:config in the address bar and then adjusting security.tls.version.min to 1.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
The market share of Chrome browser on the desktop has exceeded 70%, and users are complaining about
The world's first 2nm mobile chip: Samsung Exynos 2600 is ready for mass production.According to a r
A US federal judge has ruled that Google can keep its Chrome browser, but it will be prohibited from
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
About us Contact us Product review car news thenatureplanet
More Form oMedia: AutoTimes. Bestcoffee. SL News. Jarebook. Coffee Hunters. Sundaily. Modezone. NNB. Coffee. Game News. FrontStreet. GGAMEN
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
