similar to: Testing "dark" SSL sites

Hi, how do I protect dovecot 1.2.17 against poodle? Br /Marc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: Message signed with OpenPGP using GPGMail URL: <http://dovecot.org/pipermail/dovecot/attachments/20141019/b4152487/attachment-0001.sig>

Thanks Kelvin I'm a bit confised tho, is this patch already avaiable? if yes, what is the parameter that disable ssl into the smb.conf? Maybe the guys from Enterprise samba have already included the patch into their releases so it's just a maatter of enabling the flag. I'm using sernet-samba-4.2.2 Thanks!

Good Day All Sorry if this is a repeated email, but I need some information about how to disable SSL on a Samba4.2.2 AD domain controller as the nessus scanner is reporting the POODLE vulnerability and we are not allowed to have any of that in our environment. the nessus scan reports poodle vulnerability on all these ports: 443, 636, 3269 I had a look at previous posts but couldn't find a

Hi all, Am trying to find a way to disable SSLv3 protocol in smb.conf on Samba4. I am using the following: tls enabled = yes tls keyfile = tls/myKey.pem tls certfile = tls/myCert.pem tls cafile = With a self-signed cert. But when I remote connect from another host using: openssl s_client -showcerts -connect samba4-dc:636 -ssl3 I get a successful

s_client: Option unknown option -trace *** x509: Unknown parameter text On 5/25/20 11:49 AM, Aki Tuomi wrote: > Hi! > > Can you do > > openssl x509 text -noout </etc/letsencrypt/live/...../fullchain.pem > > and check these things: > > your server hostname isn included in SubjectAlternativeNames, and that the cert hasn't got MUST-STAPLE attribute? You can see

CentOS Errata and Security Advisory 2014:1652 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- i386 ----------------------------- 5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d

CentOS Errata and Security Advisory 2014:1652 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- i386 ----------------------------- 5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d

Hello all, I'd like to contribute to the CentOS wiki. Per these docs[0], I should email this list with the following information. Username: DanielFarrell Contribution subject: Update CBS Koji Poodle patch docs Contribution location: http://goo.gl/7Oe9QO (CBS HOWTO#Quickstart) I'd like to make the docs related to patching Koji for the Poodle exploit[1] generally more clear. For example,

Hello Brian, Sorry to my late answer, I did what you suggest previously This error suggests a problem with your certificate. If it used to work previously, then check it hasn't expired. openssl s_client -connect devsamba.lucas.ufes.br:636 copy-paste the certificate into a pem file, including begin/end lines openssl x509 -in mycert.pem -noout -enddate And check your root CA

On 1/9/2015 3:06 AM, Philipp Resch <philipp at devh.de> wrote: > It seems as if claws mail is preferring SSLv3 And since dovecot is really not affected by the poodle vulnerability, if you can't upgrade (I believe 2.2 is in the backports repo?), probably easiest to just reenable SSLv3...

Hello, I have installed samba 3.0.2a as PDC and BDC, I am able to add windows xp to domain and have added all the registry patches to windows xp, but when it comes to domain logon on windows xp client, the behaviour is very erratic, sometimes I am able to logon to domain and sometimes the domain logon fails, we need to restart the xp machine and keep trying to the domain logon. The error we

The following updates address POODLE on CentOS: CentOS-5: http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html CentOS-6.5: http://lists.centos.org/pipermail/centos-announce/2014-October/020697.html CentOS-7: http://lists.centos.org/pipermail/centos-announce/2014-October/020695.html Please note that the CentOS-6.5 updates are built from: openssl-1.0.1e-30.el6_5.2.src.rpm

On Mon, Feb 2, 2015 at 8:02 PM, Kahlil Hodgson <kahlil.hodgson at dealmax.com.au> wrote: > On 3 February 2015 at 13:34, PatrickD Garvey <patrickdgarveyt at gmail.com> wrote: >> Now how about some specific sources you personally used to learn your >> craft that we can use likewise? > > So many places it makes my brain hurt just thinking about it. Google > and

I read this on the RHN commentary respecting cve-2014-3566: https://securityblog.redhat.com/2014/10/15/poodle-a-ssl3-vulnerability-cve-2014-3566/: . . . The first aspect of POODLE, the SSL 3.0 protocol vulnerability, has already been fixed through iterative protocol improvements, leading to the current TLS version, 1.2. It is simply not possible to address this in the context of the SSL 3.0

Hi, I'm building a graph (barplot) in which the X axis label disappears. I tried to use the option mgp of par() and I could not get the desired result. Note that want the axis labels horizontally. caes = c(37,20,19,16,75,103) names(caes) = c("Pinscher", "Pastor \n Alem?o", "Poodle", "Rottweiller", "SRD", "Outros") caess =

Hello Aki and all, The below lines are in the dovecot config file. This seems to be the same as Aki's suggestion. correct? I have also double checked file perms, tried with several new key gens, several versions of thunderbird and created completely new thunderbird profiles. Thank you, ssl_cert = </etc/letsencrypt/live/...../fullchain.pem ssl_key =

Can anyone with a well-connected crystal ball suggest a timeframe for an IA64 release of CentOS 5? Weeks? Months? Never? Thanks Nigel Kendrick -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20090305/9e37ac3a/attachment-0004.html>

Here's one for you if you have the time: I very stupidly killed the wrong process on a server on a remote site on Friday and now I cannot ssh login to it! It's not a major problem as it's main functions are as a file and print sharer (samba) and to run postfix/mailscanner, and I can have someone on site reboot the server when they start work on Monday, but I was wondering whether I

Hi all, when hardening dovecot against the POODLE vulnerability, we followed the advise to disable SSL2 and SSL3 but this is giving problems with some email clients (claws-mail). ssl_protocols = !SSLv2 !SSLv3 results in the following error: dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL

I appear to be having a problem with samba using kerberos to authenticate to a win2k pdc. Background: Windows 2kSP4 PDC. WhiteBox Enterprise Linux 3 running 2.4.21-4.ELsmp on x86. samba 3.0.2-6.3E.i386 from the distribution's rpm. krb5-1.3.1 I can successfully use "net ads join" and see the computer appear in Active Directory. I can use kinit to authenticate via kerberos, and