Ssl2 + ssl3 disable: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Die Seite wurde neu angelegt: „=Apache2 SSLv3 deactivate= *cat /etc/apache2/httpd.conf SSLProtocol ALL -SSLv2 -SSLv3 =Dovecot SSLv3 deactivate= *cat /etc/dovecot/conf.d/10-ssl.conf ssl_p…“) |
|||
| Zeile 11: | Zeile 11: | ||
smtp_tls_protocols = !SSLv2, !SSLv3 | smtp_tls_protocols = !SSLv2, !SSLv3 | ||
smtpd_tls_protocols = !SSLv2 !SSLv3 | smtpd_tls_protocols = !SSLv2 !SSLv3 | ||
| + | =Tests= | ||
| + | ==Apache2== | ||
| + | *openssl s_client -ssl3 -connect www.example.com:443 | ||
| + | ==Dovecot== | ||
| + | *openssl s_client -ssl3 -connect www.example.com:993 | ||
| + | ==Postfix== | ||
| + | smtps | ||
| + | *openssl s_client -ssl3 -connect www.example.com:465 | ||
| + | or | ||
| + | submission | ||
| + | *openssl s_client -ssl3 -connect www.example.com:587 | ||
=Source= | =Source= | ||
*https://www.heinlein-support.de/blog/security/deaktivieren-sie-sslv3-apachepostfixdovecot-poodle-bug/ | *https://www.heinlein-support.de/blog/security/deaktivieren-sie-sslv3-apachepostfixdovecot-poodle-bug/ | ||
Version vom 5. November 2018, 13:56 Uhr
Apache2 SSLv3 deactivate
- cat /etc/apache2/httpd.conf
SSLProtocol ALL -SSLv2 -SSLv3
Dovecot SSLv3 deactivate
- cat /etc/dovecot/conf.d/10-ssl.conf
ssl_protocols = !SSLv2 !SSLv3
Postfix SSLv3 deactivate
- cat /etc/postfix/main.cf
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 smtp_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_protocols = !SSLv2 !SSLv3
Tests
Apache2
- openssl s_client -ssl3 -connect www.example.com:443
Dovecot
- openssl s_client -ssl3 -connect www.example.com:993
Postfix
smtps
- openssl s_client -ssl3 -connect www.example.com:465
or
submission
- openssl s_client -ssl3 -connect www.example.com:587