Windows Server: Disabling SSL 3.0, TLS 1.0, and TLS 1.1
KB ID 0001675 What are these protocols? Both SSL and TLS are cryptographic protocols designed to secure communications over a network (remember the internet is just a network). Originally we had SSL version 1 and version 2. But they were, (to be honest) ‘a bit bobbins’ and full of security holes, so never really took off. Version 3 however did and was widely supported. The problem with version 3 was, (again) that was also ‘bobbins’....
Dell DRAC 5 – ‘Error when reading from SSL socket Connection’
KB ID 0001062 Problem Ages ago I did an article on how a Java update has stopped me getting access to the DRAC 5 controller on my Power Edge 2950. Well I had more problems this week trying to get on from my MAC. Solution The problem is, Java have pretty much blocked communications with SSLv3 (in light of the recent Poodle attack scares). Which is fair enough, but it’s not helping me get on my server that’s 50 miles away!...
Cisco ASA – Disable SSLv3 (Force TLSv1.0) – Mitigate POODLE
KB ID 0001052 Problem By default the Cisco ASA will allow connection via SSLv3. The POODLE exploit works by forcing SSL to fall back to SSLv3 and then decrypting that communication. However you are still not completely protected as per this Threat Validation, so the ASA platform can still be attacked via TLSv1.0. Note: At time of writing TLSv1.2 is not supported, but it is on the road-map for version 9.3(2). So this procedure will not...