Hi all, Just coming back to this one, my system (OpenVAS7 on Fedora 20) still shows up as being prone to POODLE on port 9390 which belongs to openvasmd:
[chris@openvas openvas]$ sudo lsof -i:9390 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME openvasmd 834 root 3u IPv4 23286 0t0 TCP *:otp (LISTEN) How can I permanently disable SSLv3 there? Regards, Christiaan de Vries w: +353 1 526 7736 | m: +353 860 234 384 | e: christiaan.devries @hetg.ie | www.DigitalPlanet.ie | www.hetg.ie HIBERNIA HOUSE | Cherrywood Business Park | Loughlinstown | Dublin 18 | Ireland Hibernia Services Ltd. is registered in Ireland, Company Registration No. 170309 © 2014 Digital Planet, part of the HiberniaEvros Technology Group -----Original Message----- From: Openvas-discuss [mailto:[email protected]] On Behalf Of Chris Sent: 08 December 2014 19:59 To: [email protected] Subject: Re: [Openvas-discuss] Modifying the OpenVAS SSL config Hi, > For example, the article shows: gsad > --gnutls-priorities="SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0" > However, in my limited understanding of POODLE, SSLv3 using CBC > ciphers are vulnerable to that MITM attack. SSLv3 is disabled via the: -VERS-SSL3.0 string. _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
