Hello,
On Thu, Oct 16, 2014 at 11:34:04AM +0000, Andy Smith wrote:
By now you have probably been made aware of a security
deficiency in
the design of SSL 3.0 which has been dubbed "POODLE". Here's some
more info:
http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploi…
I am writing to you because, unless this script is flawed:
https://gist.github.com/bitfolk/18e8f48ebe937e802967
then there are over 150 customer IPs at BitFolk that are still
supporting SSLv3 on port 443.
ShadowServer have started reporting on this now, and their latest
report still shows 79 IPs in BitFolk's customer IP space that are
vulnerable to SSLv3/Poodle.
I still don't want to be opening tickets with people individually
over this so unless there is an outrage against the idea then I'm
thinking of just posting next Tuesday's report here. It only takes a
few seconds to scan all of BitFolk's IP space anyway and there are
multiple scripts published to do so (including the one linked
above).
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting