What version of TLS are your servers using?


A new hacking tool called BEAST cracks TLS 1.0/ SSL in under 10 minutes.

The attack is very specific and the attacker needs access to the network, however most servers are using version 1.0 of TLS required for the crack to work.

More details at the H Security.  The cracker debuted the exploit at ekoparty  September 20.

You can check the version of your TLS/SSL by running

openssl s_client -connect server.com:443 -[sslversion]

use ssl3, ssl2, tls1, dtls1 for [sslversion] to verify versions from an openssl enabled machine…

Tags: , , , , , ,

If you enjoyed this article, get new ones by email (it's free).

Email:

You can unsubscribe anytime and we will never share or sell your email address.



Leave a Reply