[prev in list] [next in list] [prev in thread] [next in thread]
List: pfsense-discussion
Subject: Re: [pfSense] freak vulnerable for pfsense
From: WebDawg <webdawg () gmail ! com>
Date: 2015-03-20 22:39:15
Message-ID: CAKdd5H-J8PTUF1kM8dN07hzNSNPU=4t2gh6_n52bnGfezOaENg () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On Thu, Mar 19, 2015 at 8:58 AM, Vick Khera <vivek@khera.org> wrote:
> pfsense < 2.2 have a split-brain openssl. so to test the version that
> you're getting with the openvpn service, you need to check the openssl
> linked to it. In this case "/usr/lcoal/bin/openssl version" will tell you
> it is newer.
>
> However, as everyone says, update to newest version of pfSense is your
> best move. Disabling export grade ciphers is also good advice.
>
>
This is most likley the wrong place to ask this but I figure some would
know. Why are EXPORT ciphers still written into the suite? I thought the
EXPORT rules were gone?
[Attachment #5 (text/html)]
<div dir="ltr">On Thu, Mar 19, 2015 at 8:58 AM, Vick Khera <span dir="ltr"><<a \
href="mailto:vivek@khera.org" target="_blank">vivek@khera.org</a>></span> \
wrote:<br><div class="gmail_extra"><div class="gmail_quote"><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr">pfsense < 2.2 have a split-brain openssl. \
so to test the version that you're getting with the openvpn service, you need to \
check the openssl linked to it. In this case "/usr/lcoal/bin/openssl \
version" will tell you it is newer.<div><br></div><div>However, as everyone \
says, update to newest version of pfSense is your best move. Disabling export grade \
ciphers is also good advice.</div></div><div \
class="gmail_extra"><br></div></blockquote><div> <br></div><div>This is most likley \
the wrong place to ask this but I figure some would know. Why are EXPORT ciphers \
still written into the suite? I thought the EXPORT rules were \
gone?<br></div></div></div></div>
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic