10 Dec
2014
10 Dec
'14
9:54 a.m.
Yeah, fine with me.
Thanks
On 9 December 2014 19:39:05 GMT+00:00, Andy Smith <andy(a)bitfolk.com> wrote:
Hello,
On Thu, Oct 16, 2014 at 11:34:04AM +0000, Andy Smith wrote:
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
By now you have probably been made aware of a
security deficiency in
the design of SSL 3.0 which has been dubbed "POODLE". Here's some
more info:
http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploi…
I am writing to you because, unless this script is flawed:
https://gist.github.com/bitfolk/18e8f48ebe937e802967
then there are over 150 customer IPs at BitFolk that are still
supporting SSLv3 on port 443.
ShadowServer have started reporting on this now, and their latest
report still shows 79 IPs in BitFolk's customer IP space that are
vulnerable to SSLv3/Poodle.
I still don't want to be opening tickets with people individually
over this so unless there is an outrage against the idea then I'm
thinking of just posting next Tuesday's report here. It only takes a
few seconds to scan all of BitFolk's IP space anyway and there are
multiple scripts published to do so (including the one linked
above).
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
------------------------------------------------------------------------
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce