On Fri, Jan 16, 2015 at 3:45 AM, Matthew Saltzman <mjs@xxxxxxxxxxx> wrote: > On Thu, 2015-01-15 at 19:09 +0100, Andre Speelmans wrote: >> On Thu, Jan 15, 2015 at 3:40 AM, Matthew Saltzman <mjs@xxxxxxxxxxx> wrote: >> > SSLLabs reports a couple of servers of mine have SSL v3 enabled and are >> > vulnerable to POODLE. I followed instructions for Apache httpd at >> > https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/, but that does not seem to cure the problem. >> > SSLLabs still reports the servers as vulnerable. Does anyone know what I'm missing? >> >> Given that you are on the university network, are you sure there is no >> proxy in between and that SSLLabs is testing the proxy? > > Good question. One of the servers is actually outside the university > firewall, so I *thinK* that's not an issue, at least for that machine. > I'm pretty sure that machines on the campus network are behind a network > firewall, but not behind a campus proxy. Perhaps a simple way to test it would be to disable TLS in your browser and try connecting to them? As you are inside the campus network, you would probably not hit a proxy and if you only accept SSL and not TLS, the connection should fail. In firefox I would set security.tls.version.min to 10 or so and see what happens. Note: I have not actually tried it, but I think that would do the trick. -- Best regard, André -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
