ANNOUNCE: Pound - reverse proxy and load balancer - v2.7d / Robert
Segall <[email protected]>
http://www.apsis.ch/pound/pound_list/archive/2014/2014-10/1413628998000
I see following enhancement was added:
- added "Disable PROTO" directives (fix for Poodle vulnerability)
currently, I'm using following:
[root@6svprx01 ~]# uname -a
Linux 6svprx01.XXX.org 2.6.32-504.el6.x86_64 #1 SMP Tue Sep 16
01:56:35 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux
[root@6svprx01 ~]# rpm -q Pound
Pound-2.6-2.el6.x86_64
[root@6svprx01 ~]# grep Ciphers /etc/pound.cfg
Ciphers "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:+MEDIUM"
[root@6svprx01 ~]#
... to address POODLE SSLv3, I added "!SSLv3" into "Ciphers".
Yet while using "Qualys SSL Labs - Projects / SSL Server Test" to
test, I get "Protocol or cipher suite mismatch" in "Handshake
Simulation".
Is there a way to address this _WITHOUT_ upgrading to Pound v2.7d
(beta) and then using new directives?
--
http://alexus.org/
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
