This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Ssl ddos

hmm, doesn't sound too good:
heise online - Neues Denial-of-Service-Tool legt verschlüsselnde Server lahm

So there is a tool which can ddos every system that negotiates ssl-keys.
I suppose someone could "kill" an astaro the same way, didn't test it so far, but is there a way to deactivate key renegotiation and will this have any bad side effects?

Is there an official Astaro Statement?

ng, Berndt

This thread was automatically locked due to age.

Parents

0 Admin Öpag over 13 years ago

ic, thanks for explanation.

on http://www.thc.org/thc-ssl-dos/ they update their info that they do not only address the known ssl vulnerability, but for example InfoWorld states that this again is only the half truth.

Let's see what's coming next, I tested my astaro with the downloadable version -> no problem at all.

ng, Berndt
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Admin Öpag over 13 years ago

ic, thanks for explanation.

on http://www.thc.org/thc-ssl-dos/ they update their info that they do not only address the known ssl vulnerability, but for example InfoWorld states that this again is only the half truth.

Let's see what's coming next, I tested my astaro with the downloadable version -> no problem at all.

ng, Berndt
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data