store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Sat Aug 24, 2019 7:11 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: SWEET32 - CVE-2016-2183
Unread postPosted: Wed Aug 24, 2016 1:00 pm 
Offline
Forum Regular
Forum Regular

Joined: Tue Jul 15, 2008 2:38 pm
Posts: 805
Location: Sweden
Should we be concerned?

https://www.openssl.org/blog/blog/2016/08/24/sweet32/


Top
 Profile  
Reply with quote  
 Post subject: Re: SWEET32 - CVE-2016-2183
Unread postPosted: Wed Aug 24, 2016 4:29 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 4082
Location: Chantilly, VA
No. DES/3DES is the only cipher used in SSL/TLS which has a block size of 64 bits. Ciphers with larger block sizes, such as AES, are immune to the attack. So unless you're using DES or 3DES ciphers with your webserver, you dont need to be concerned. ASL disables DES and 3DES in apache by default, if you are using another webserver check to make sure you have those ciphers disabled.

_________________
Michael Shinn
Atomicorp - Security For Everyone


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group