[Triumf-linux-managers] SSLv3 and the POODLE vulnerability - server patching
Konstantin Olchanski
olchansk at triumf.ca
Thu Mar 19 13:14:50 PDT 2015
On Wed, Mar 18, 2015 at 07:11:40PM -0700, Andrew Daviel wrote:
>
> ... adding -SSLv3 to the existing -SSLv2 line in httpd/conf.d/ssl.conf
>
Hi, Andrew - my ssl.conf looks like this -
> SSLProtocol all -SSLv2 -SSLv3
> SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
So SSLProtocol looks okey, but SSLCipherSuite I believe needs to be changed,
what should it say per latest recommendations?
--
Konstantin Olchanski
Data Acquisition Systems: The Bytes Must Flow!
Email: olchansk-at-triumf-dot-ca
Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
More information about the Triumf-linux-managers
mailing list