[Samba] SSL Renegotiation Attack "Disabling reneotiation"
L.P.H. van Belle
belle at bazuin.nl
Tue Aug 18 08:35:52 UTC 2015
As far as i know, no.
Unless you are forceing all clients to use SSLv2 only (since that doesn't support renegotiation).
Are you sure you want to disable it and not just prevent old clients from
using the vulnerable renegotiation methods? If it's the last
you'll need to upgrade to 2.8+ to get access to tls_disable_workarounds.
you have 2 problems.
- One is the vulnerable methods
- the other is renegotiation is considered a denial of service vulnerability..
You really dont have any option to upgrade..
Whats the os your running?
>Van: abid.hussain25 at gmail.com
>[mailto:owner-postfix-users at postfix.org] Namens Abid Hussain
>Verzonden: dinsdag 18 augustus 2015 10:29
>Aan: postfix-users at postfix.org
>Onderwerp: SSL Renegotiation Attack "Disabling reneotiation"
>I am using postfix 2.6 and currently cannot upgrade it. kindly
>renegotiation can be disabled completely. Probably a command in
>View this message in context:
>Sent from the Postfix Users mailing list archive at Nabble.com.
More information about the samba