portal.ampr.org and www.portal.ampr.org are listed (as the only hosts in ampr.org) as vulnerable to the DROWN attack published today. It is not a high-priority issue but it is a good idea to have a look and fix the software and/or settings.
Rob
Hi Rob,
We are using Apache 2.4 which disables SSLv2 by default, I had also disabled v3 for good measure, but when I saw the news I double checked anyway, so we should be good.
Thanks for the heads up though.
Regards, Chris
On 1 Mar 2016, at 17:16, Rob Janssen pe1chl@amsat.org wrote:
portal.ampr.org and www.portal.ampr.org are listed (as the only hosts in ampr.org) as vulnerable to the DROWN attack published today. It is not a high-priority issue but it is a good idea to have a look and fix the software and/or settings.
Rob
On Tue, Mar 1, 2016 at 10:27 AM, G1FEF chris@g1fef.co.uk wrote:
We are using Apache 2.4 which disables SSLv2 by default, I had also disabled v3 for good measure, but when I saw the news I double checked anyway, so we should be good.
Thanks for the heads up though.
Regards, Chris
SSLv2 is enabled in the mail server, and since you used the same certificate for mail and https, https is left vulnerable.
Tom KD7LXL
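Tom's point above, as an added example that is not part of the original thread: a server with SSLv2 disabled is still exposed to DROWN when another service presenting the same RSA key accepts SSLv2. The inventory, host names and key labels below are constructed, and grouping by key rather than by certificate is a generalization of the case in the thread.

```python
from collections import defaultdict
from typing import NamedTuple


class Endpoint(NamedTuple):
    host: str
    port: int
    key_id: str   # fingerprint of the RSA public key the service presents
    sslv2: bool   # True if the service still accepts SSLv2 handshakes


# Constructed inventory (hypothetical hosts and key labels, not scan results).
INVENTORY = [
    Endpoint("www.example.org", 443, "key-A", False),
    Endpoint("portal.example.org", 443, "key-A", False),
    Endpoint("mail.example.org", 25, "key-A", True),    # same key as the web hosts
    Endpoint("lists.example.org", 443, "key-B", False),
    Endpoint("legacy.example.org", 443, "key-C", True),
]


def drown_exposure(endpoints):
    """Map each endpoint to (status, SSLv2 endpoints that share its key)."""
    by_key = defaultdict(list)
    for ep in endpoints:
        by_key[ep.key_id].append(ep)

    report = {}
    for ep in endpoints:
        sslv2_peers = [p for p in by_key[ep.key_id] if p.sslv2 and p != ep]
        if ep.sslv2:
            status = "direct"        # speaks SSLv2 itself
        elif sslv2_peers:
            status = "shared-key"    # clean config, but the key is exposed elsewhere
        else:
            status = "ok"
        report[ep] = (status, sslv2_peers)
    return report


def services_to_fix(endpoints):
    """The services where SSLv2 has to be turned off."""
    return sorted({(ep.host, ep.port) for ep in endpoints if ep.sslv2})


if __name__ == "__main__":
    for ep, (status, peers) in drown_exposure(INVENTORY).items():
        via = ", ".join(f"{p.host}:{p.port}" for p in peers)
        print(f"{ep.host}:{ep.port:<4} {status:<10} {via}")
```
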
I think they are caching results not testing live because the mail server hasn’t supported SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can double check?
Thanks, Chris
On 1 Mar 2016, at 18:51, Tom Hayward esarfl@gmail.com wrote:
On Tue, Mar 1, 2016 at 10:27 AM, G1FEF chris@g1fef.co.uk wrote:
We are using Apache 2.4 which disables SSLv2 by default, I had also disabled v3 for good measure, but when I saw the news I double checked anyway, so we should be good.
Thanks for the heads up though.
Regards, Chris
SSLv2 is enabled in the mail server, and since you used the same certificate for mail and https, https is left vulnerable.
Tom KD7LXL
_________________________________________
44Net mailing list
44Net@hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
This is a pretty good article and it talks to a testing URL as well:
http://arstechnica.com/security/2016/03/more-than-13-million-https-websites-...
--David KI6ZHD
On 03/01/2016 11:05 AM, G1FEF wrote:
I think they are caching results not testing live because the mail server hasn’t supported SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can double check?
The web site https://drownattack.com/ has a downloadable port scanner that tests for the vulnerability.
- Brian
On Tue, Mar 01, 2016 at 07:05:46PM +0000, G1FEF wrote:
I think they are caching results not testing live because the mail server hasn’t supported SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can double check?
Greetings Chris,
On Tue, 1 Mar 2016, G1FEF wrote:
I think they are caching results not testing live because the mail server hasn’t supported SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can double check?
Try DNSINSPECT.COM and plug in "ampr.org" as the search criteria.
--- Jay Nugent WB8TKL Hamgate.Washtenaw.AMPR.org Ypsilanti, Michigan
On Tue, 1 Mar 2016 19:05:46 +0000, G1FEF chris@g1fef.co.uk wrote:
I think they are caching results not testing live because the mail server hasn’t supported SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can double check?
Source code for a client-side DROWN scanner.
https://github.com/nimia/public_drown_scanner
It may be useful... online check:
https://test.drownattack.com/?site=ampr.org
results (now):
Vulnerable Certificates:
portal.ampr.org www.portal.ampr.org
81.174.235.134:25
Vulnerable Because: supports SSLv2 export ciphers
Lorenzo iw3her
2016-03-01 23:34 GMT+01:00 Geoff Joy -KE6QH- geoff@windowmeister.com:
On Tue, 1 Mar 2016 19:05:46 +0000, G1FEF chris@g1fef.co.uk wrote:
I think they are caching results not testing live because the mail server hasn’t supported SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can double check?
Source code for a client-side DROWN scanner.
https://github.com/nimia/public_drown_scanner
Geoff Joy - ke6qh - AmprNet IP Address Coordinator for San Bernardino & Riverside Counties. (44.18/16)
there is a little note:
"This tool uses data collected during February 2016. It does not immediately update as servers patch."
2016-03-03 15:41 GMT+01:00 Lorenzo Simoncello lorenzo.simoncello@gmail.com:
It may be useful... online check:
https://test.drownattack.com/?site=ampr.org
results (now):
Vulnerable Certificates:
portal.ampr.org www.portal.ampr.org
81.174.235.134:25
Vulnerable Because: supports SSLv2 export ciphers
Lorenzo iw3her
2016-03-01 23:34 GMT+01:00 Geoff Joy -KE6QH- geoff@windowmeister.com:
On Tue, 1 Mar 2016 19:05:46 +0000, G1FEF chris@g1fef.co.uk wrote:
I think they are caching results not testing live because the mail server hasn’t supported SSLv2 (or v3) since the last update, does anyone know of a live test facility so I can double check?
Source code for a client-side DROWN scanner.
https://github.com/nimia/public_drown_scanner
Geoff Joy - ke6qh - AmprNet IP Address Coordinator for San Bernardino & Riverside Counties. (44.18/16)
-- Lorenzo Simoncello