This is a static archive of the old Zorin Forum.

The information below may be outdated. Visit the new Zorin Forum here ›

If you have registered on the old forum, you will need to create an account on the new forum.

Old Zorin Forum archiveOff Topic

Security problem with browsers allowing SSL 3.0 use

Henriolavi

Thu Oct 16, 2014 8:28:17 am

Encrypted network connections has a vulnerability problem. Browsers and servers allow still using the SSL 3.0 encryption protocol, which is not completely safe any more . “Poodletest” and “ssllabs” browser test can determine whether this vulnerability is in the used browser. Has also been proposed the means in which it can be corrected by blocking the SSL 3.0's use. I tried to find out how to do it, but I do not really know how to do it right using in the web provided instructions mainly for FF(v.33), Chrome (v.38) and IE (v.11) browsers :roll: . Is there any help available for this? (I mean more detailed but practical than that what can be seen now in the web pages ;) ).

Here some more info and test links:

https://community.qualys.com/blogs/secu ... dle-attack

https://www.poodletest.com/ (this test obviously gives a wrong result to FF browser :cry: )

https://www.ssllabs.com/

Anonymous

Fri Oct 17, 2014 1:17:32 am

Learn How [ Tor Browser ]
Play with [ Kali Linux ]....it's a learning experience...even for the newest of newbies.
Very Good..... learning tool........for someone willing to put in a little....time/effort.

Henriolavi

Sat Oct 18, 2014 4:35:01 pm

Thank you for the reply. I managed to sort it out for FF(v.33), Chrome (v.38) and IE (v.11) browsers. Now these all passes the test.

Swarfendor437

Fri Oct 24, 2014 5:42:41 pm

The answers are in the Links I posted elsewhere:

http://www.sheffieldforum.co.uk/showthr ... ?t=1351990

In Opera,

Tools | Preferences | Advanced | Security [left pane] | Security Protocols Button - uncheck SSL 3.0 if check marked.

The poodle test was written by a Mac User but works in my Windows version of FF and IE! :D