1 Mar
2016
1 Mar
'16
12:16 p.m.
portal.ampr.org and www.portal.ampr.org are listed (as the only hosts in ampr.org) as
vulnerable
to the DROWN attack published today. it is not a high-priority issue but it is a good
idea to have
a look and fix the software and/or settings.
Rob*
*
1 Mar
1 Mar
1:27 p.m.
Hi Rob,
We are using Apache 2.4 which disables SSLv2 by default, I had also disabled v3 for good
measure, but when I saw the news I double checked anyway, so we should be good.
Thanks for the heads up though.
Regards,
Chris
> On 1 Mar 2016, at 17:16, Rob Janssen <pe1chl(a)amsat.org> wrote:
>
> (Please trim inclusions from previous messages)
> _______________________________________________
> portal.ampr.org and www.portal.ampr.org are listed (as the only hosts in ampr.org) as
vulnerable
> to the DROWN attack published today. it is not a high-priority issue but it is a
good idea to have
> a look and fix the software and/or settings.
>
> Rob*
> *
>
1:51 p.m.
On Tue, Mar 1, 2016 at 10:27 AM, G1FEF <chris(a)g1fef.co.uk> wrote:
We are using Apache 2.4 which disables SSLv2 by
default, I had also disabled v3 for good measure, but when I saw the news I double checked
anyway, so we should be good.
Thanks for the heads up though.
Regards,
Chris
SSLv2 is enabled in the mail server, and since you used the same
certificate for mail and https, https is left vulnerable.
Tom KD7LXL
2:05 p.m.
I think they are caching results not testing live because the mail server hasn’t supported
SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can
double check?
Thanks,
Chris
On 1 Mar 2016, at 18:51, Tom Hayward
<esarfl(a)gmail.com> wrote:
(Please trim inclusions from previous messages)
_______________________________________________
On Tue, Mar 1, 2016 at 10:27 AM, G1FEF <chris(a)g1fef.co.uk> wrote:
We are using Apache 2.4 which disables SSLv2 by
default, I had also disabled v3 for good measure, but when I saw the news I double checked
anyway, so we should be good.
Thanks for the heads up though.
Regards,
Chris
SSLv2 is enabled in the mail server, and since you used the same
certificate for mail and https, https is left vulnerable.
Tom KD7LXL
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net 
2:12 p.m.
This is a pretty good article and it talks to a testing URL as well:
http://arstechnica.com/security/2016/03/more-than-13-million-https-websites…
--David
KI6ZHD
On 03/01/2016 11:05 AM, G1FEF wrote:
(Please trim inclusions from previous messages)
_______________________________________________
I think they are caching results not testing live because the mail server hasn’t
supported SSLv2 (or v3) since the last update, does anyone know of a live test facility so
I can double check?
2:13 p.m.
The web site https://drownattack.com/ has a downloadable port
scanner that tests for the vulnerability.
- Brian
On Tue, Mar 01, 2016 at 07:05:46PM +0000, G1FEF wrote:
I think they are caching results not testing live
because the mail server hasn’t supported SSLv2 (or v3) since the last update, does anyone
know of a live test facility so I can double check?
2:26 p.m.
Greetings Chris,
On Tue, 1 Mar 2016, G1FEF wrote:
(Please trim inclusions from previous messages)
_______________________________________________ I think they are caching
results not testing live because the mail server hasn’t supported SSLv2
(or v3) since the last update, does anyone know of a live test facility
so I can double check?
Try DNSINSPECT.COM and plug in "ampr.org" as the search criteria.
--- Jay Nugent WB8TKL
Hamgate.Washtenaw.AMPR.org
Ypsilanti, Michigan
2:43 p.m.
While dnsinspect.com has many useful tests, it doesn't check for DROWN
vulnerabilities.
- Brian
On Tue, Mar 01, 2016 at 02:26:34PM -0500, Jay Nugent wrote:
Try DNSINSPECT.COM and plug in "ampr.org"
as the search criteria.
5:34 p.m.
On Tue, 1 Mar 2016 19:05:46 +0000, G1FEF <chris(a)g1fef.co.uk> wrote:
(Please trim inclusions from previous messages)
_______________________________________________
I think they are caching results not testing live because the mail server hasnt supported
SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can
double check?
Source code for a client-side DROWN scanner.
https://github.com/nimia/public_drown_scanner
--
Geoff Joy - ke6qh -
AmprNet IP Address Coordinator for San Bernardino & Riverside Counties.
(44.18/16)
3 Mar
3 Mar
9:41 a.m.
if may be usefull...on line check:
https://test.drownattack.com/?site=ampr.org
results (now):
Vulnerable Certificates:
portal.ampr.org
www.portal.ampr.org
81.174.235.134:25
Vulnerable Because: supports SSLv2 export ciphers
Lorenzo iw3her
2016-03-01 23:34 GMT+01:00 Geoff Joy -KE6QH- <geoff(a)windowmeister.com>om>:
(Please trim inclusions from previous messages)
_______________________________________________
On Tue, 1 Mar 2016 19:05:46 +0000, G1FEF <chris(a)g1fef.co.uk> wrote:
Source code for a client-side DROWN scanner.
https://github.com/nimia/public_drown_scanner
--
Geoff Joy - ke6qh -
AmprNet IP Address Coordinator for San Bernardino & Riverside Counties.
(44.18/16)
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
--
Lorenzo Simoncello
(Please trim inclusions from previous messages)
_______________________________________________
I think they are caching results not testing live because the mail server
hasn’t
supported SSLv2 (or v3) since the last update, does anyone know of a
live test facility so I can double check?
9:43 a.m.
there is a little note:
"This tool uses data collected during February 2016. It does not
immediately update as servers patch."
2016-03-03 15:41 GMT+01:00 Lorenzo Simoncello <lorenzo.simoncello(a)gmail.com>
:
if may be usefull...on line check:
https://test.drownattack.com/?site=ampr.org
results (now):
Vulnerable Certificates:
portal.ampr.org
www.portal.ampr.org
81.174.235.134:25
Vulnerable Because: supports SSLv2 export ciphers
Lorenzo iw3her
2016-03-01 23:34 GMT+01:00 Geoff Joy -KE6QH- <geoff(a)windowmeister.com>om>:
--
Lorenzo Simoncello
(Please trim inclusions from previous messages)
_______________________________________________
On Tue, 1 Mar 2016 19:05:46 +0000, G1FEF <chris(a)g1fef.co.uk> wrote:
Source code for a client-side DROWN scanner.
https://github.com/nimia/public_drown_scanner
--
Geoff Joy - ke6qh -
AmprNet IP Address Coordinator for San Bernardino & Riverside Counties.
(44.18/16)
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
--
Lorenzo Simoncello
(Please trim inclusions from previous messages)
_______________________________________________
I think they are caching results not testing live because the mail
server hasn’t
supported SSLv2 (or v3) since the last update, does anyone
know of a live test facility so I can double check?
3186
days inactive
3188
days old
10 comments
8 participants
participants (8)
-
Brian Kantor -
David Ranch -
G1FEF -
Geoff Joy -KE6QH- -
Jay Nugent -
Lorenzo Simoncello -
Rob Janssen -
Tom Hayward