[prev in list] [next in list] [prev in thread] [next in thread]
List: webappsec
Subject: RE: SSL v2/v3 configuration
From: "Dimitris Petropoulos" <D.Petropoulos () encode-sec ! com>
Date: 2004-05-21 14:01:22
Message-ID: 4351D46712790843A8CC2F09A48F509620E80B () mail-server
[Download RAW message or body]
Dear Gareth,
Regarding IIS:
http://support.microsoft.com/?kbid=245030
http://support.microsoft.com/default.aspx?scid=kb;en-us;187498
Regarding Apache:
http://httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslciphersuite
Hope this helps.
Best regards,
-----------------------
Dimitrios Petropoulos
MSc InfoSec, CISSP
Director, Security Research & Development
ENCODE S.A.
3, R.Melodou Str
151 25 Maroussi
Athens, Greece
Tel: +30210-6178410
Fax: +30210-6109579
web: www.encode-sec.com
------------------------
> -----Original Message-----
> From: Gareth Bromley [mailto:gbromley@intstar.com]
> Sent: Friday, May 21, 2004 11:28 AM
> To: webappsec@securityfocus.com
> Subject: SSL v2/v3 configuration
>
>
> As subject:
>
> Got myself stumped the other day when looking at a clients
> configuration for a SSL webserver (on IIS) and noticed they
> accepted SSLv2 requests. For the life of me I couldn't figure
> out how to correct this behaviour (both IIS5 and IIS6), and
> wondered if anyone had good pointers to how to do this (so I
> am able to create suitable guidelines for this).
>
> Of course this got me thinking, what about other webservers
> e.g. Netscape /iPlanet, etc which also may not be so well
> documented. Is anyone aware of any good links detailing
> sensible configuration for most common web serving platforms?
>
> Regards
>
> Gareth
>
>
******************************************************************
Any views expressed in this message are those of the
individual sender, except where the sender specifically
states them to be the views of ENCODE S.A.
******************************************************************
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic