News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
October 24, 2014, 00:26:33
Pages: [1]   Go Down
Topic: SSL 3.0 obsolete ...  (Read 13 times)
0 Members and 1 Guest are viewing this topic.
« on: October 23, 2014, 08:22:05 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8348


Oct 23, 2014 - "... in the Oct. 14 Mozilla blog post*, Firefox 34, due to be released on Nov. 25, will disable SSL 3.0 support. In the meantime, Mozilla recommends installing the add-on (download site**), “SSL Version Control 0.2? (see Figure 2), which will let you control SSL support within the browser. (Some websites have recommended adjusting Firefox settings in the configuration file, but Mozilla recommends using the add-on instead.)..."
... Internet Explorer: In IE, click the gear (settings) icon, open Internet options, and then select the Advanced tab. Scroll down the Settings list to the Security category, and then look for Use SSL 3.0. Uncheck the box (see Figure 3), click OK, and then relaunch IE... Microsoft released an initial security advisory on this topic; expect to see additional guidance in the near future...
... How to test your browser’s TLS/SSL protection:
Several websites test whether your currently open browser supports SSL 3.0. For a simple test, displays a poodle dog if your browser still supports SSL 3.0, and a Springfield terrier if it doesn’t. On the other hand, Qualys SSL Labs (site***) provides a more detailed analysis of the SSL protocols your browser supports.
As noted above, some business sites such as online -banking- might still need SSL 3.0. Again, I recommend leaving SSL 3.0 support on -one- browser; it’ll be faster and safer than repeatedly adjusting browser settings. If you’re running a Web server or small-business server, you should -disable- SSL 3.0 support to better protect connected workstations and Internet-based phones...  there’s a silver lining to this latest security mess — it should now force everyone on the Internet to finally abandon a dated, insecure protocol."
"Your user agent is not vulnerable..." < What you want to see after the new Firefox extention is installed.

Chrome: In Google’s browser, edit the shortcut that launches the browser, adding a flag to the end of the Shortcut path. Start by selecting the icon normally used to launch Chrome. Right-click the icon and select Properties. Under the Shortcut tab, find the box labeled “Target” and insert –ssl-version-min=tls1 immediately after chrome.exe” (see Figure 1). It should look something like this (note the space between .exe” and –ssl-):
“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –ssl-version-min=tls1
Figure 1:

Figure 2:

Figure 3:

 Exclamation  Shocked
« Last Edit: October 23, 2014, 09:31:42 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
Pages: [1]   Go Up
Jump to:  

Powered by SMF 1.1.20 | SMF © 2013, Simple Machines Page created in 0.254 seconds with 21 queries.