Blocking POODLE

Matthew Saltzman mjs at clemson.edu
Thu Jan 15 15:27:08 UTC 2015


On Wed, 2015-01-14 at 22:39 -0700, Chris Murphy wrote:
> On Wed, Jan 14, 2015 at 7:40 PM, Matthew Saltzman <mjs at clemson.edu> wrote:
> > SSLLabs reports a couple of servers of mine have SSL v3 enabled and are
> > vulnerable to POODLE.  I followed instructions for Apache httpd at
> > https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/,
> > but that does not seem to cure the problem.  SSLLabs still reports the
> > servers as vulnerable.  Does anyone know what I'm missing?
> >
> > The server also runs Trac and Subversion servers and a separate vhost
> > runs Jenkins.  Does something special need to be done for those
> > services?
> >
> > (These are, in fact, RHEL 7 servers running httpd-2.2.15-39.el6.x86_64,
> > but I hope someone here will know what's going on.)
> 
> 
> RHEL servers have support from Red Hat; send an email or pick up the
> phone. The patches between RHEL and Fedora are documented, but unless
> someone actually knows the answer it's totally non-obvious how to
> answer your question other than "yes I realize it's 2015, but here's
> how you use a telephone..."
> 

Well, this is a site license at a large university, so in order to get
to RH support, I have to go through (sometimes not very responsive or
helpful) institutional IT middlemen.  So I thought I'd ask here first,
in case the answer was simple and/or common across httpd versions,
because sometimes folks on this list are generous and willing to help
out in such cases.  

Sorry to bother you.
-- 
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu

