贵宾犬SSLv3漏洞仍然测试失败
贵宾犬SSLv3漏洞仍然测试失败
提问于 2015-01-22 03:22:30
我在LinuxPlesk12.0服务器上运行我的网站。我读过几篇关于通过禁用SSLv3来修复贵宾狗漏洞的文章,并按照下面文章中的所有说明在我的服务器上禁用了它。
http://kb.sp.parallels.com/en/123160
问题是,当我这样做时,我运行了本文中指定的测试,它说我禁用了SSLv3。但是当我在一个在线测试上运行测试时,它失败了--我一直在https://www.ssllabs.com/ssltest/网站上测试它。
有没有人知道,为什么我所做的任何改变都不起作用,为什么我仍然脆弱?
注意:我还有一家保安公司在调查这件事,他们说我的一堆密码仍然很脆弱,这可能是原因。如果是的话,有人知道如何关闭它们吗?见下文:
[34mSupported Server Cipher(s):[0m
Failed SSLv3 256 bits ECDHE-RSA-AES256-GCM-SHA384
Failed SSLv3 256 bits ECDHE-ECDSA-AES256-GCM-SHA384
Failed SSLv3 256 bits ECDHE-RSA-AES256-SHA384
Failed SSLv3 256 bits ECDHE-ECDSA-AES256-SHA384
Accepted SSLv3 256 bits ECDHE-RSA-AES256-SHA
Rejected SSLv3 256 bits ECDHE-ECDSA-AES256-SHA
Failed SSLv3 256 bits SRP-DSS-AES-256-CBC-SHA
Failed SSLv3 256 bits SRP-RSA-AES-256-CBC-SHA
Failed SSLv3 256 bits SRP-AES-256-CBC-SHA
Failed SSLv3 256 bits DHE-DSS-AES256-GCM-SHA384
Failed SSLv3 256 bits DHE-RSA-AES256-GCM-SHA384
Failed SSLv3 256 bits DHE-RSA-AES256-SHA256
Failed SSLv3 256 bits DHE-DSS-AES256-SHA256
Accepted SSLv3 256 bits DHE-RSA-AES256-SHA
Rejected SSLv3 256 bits DHE-DSS-AES256-SHA
Accepted SSLv3 256 bits DHE-RSA-CAMELLIA256-SHA
Rejected SSLv3 256 bits DHE-DSS-CAMELLIA256-SHA
Rejected SSLv3 256 bits AECDH-AES256-SHA
Failed SSLv3 256 bits ADH-AES256-GCM-SHA384
Failed SSLv3 256 bits ADH-AES256-SHA256
Rejected SSLv3 256 bits ADH-AES256-SHA
Rejected SSLv3 256 bits ADH-CAMELLIA256-SHA
Failed SSLv3 256 bits ECDH-RSA-AES256-GCM-SHA384
Failed SSLv3 256 bits ECDH-ECDSA-AES256-GCM-SHA384
Failed SSLv3 256 bits ECDH-RSA-AES256-SHA384
Failed SSLv3 256 bits ECDH-ECDSA-AES256-SHA384
Rejected SSLv3 256 bits ECDH-RSA-AES256-SHA
Rejected SSLv3 256 bits ECDH-ECDSA-AES256-SHA
Failed SSLv3 256 bits AES256-GCM-SHA384
Failed SSLv3 256 bits AES256-SHA256
Accepted SSLv3 256 bits AES256-SHA
Accepted SSLv3 256 bits CAMELLIA256-SHA
Failed SSLv3 256 bits PSK-AES256-CBC-SHA
Accepted SSLv3 168 bits ECDHE-RSA-DES-CBC3-SHA
Rejected SSLv3 168 bits ECDHE-ECDSA-DES-CBC3-SHA
Failed SSLv3 168 bits SRP-DSS-3DES-EDE-CBC-SHA
Failed SSLv3 168 bits SRP-RSA-3DES-EDE-CBC-SHA
Failed SSLv3 168 bits SRP-3DES-EDE-CBC-SHA
Accepted SSLv3 168 bits EDH-RSA-DES-CBC3-SHA
Rejected SSLv3 168 bits EDH-DSS-DES-CBC3-SHA
Rejected SSLv3 168 bits AECDH-DES-CBC3-SHA
Rejected SSLv3 168 bits ADH-DES-CBC3-SHA
Rejected SSLv3 168 bits ECDH-RSA-DES-CBC3-SHA
Rejected SSLv3 168 bits ECDH-ECDSA-DES-CBC3-SHA
Accepted SSLv3 168 bits DES-CBC3-SHA
Failed SSLv3 168 bits PSK-3DES-EDE-CBC-SHA
Failed SSLv3 128 bits ECDHE-RSA-AES128-GCM-SHA256
Failed SSLv3 128 bits ECDHE-ECDSA-AES128-GCM-SHA256
Failed SSLv3 128 bits ECDHE-RSA-AES128-SHA256
Failed SSLv3 128 bits ECDHE-ECDSA-AES128-SHA256
Accepted SSLv3 128 bits ECDHE-RSA-AES128-SHA
Rejected SSLv3 128 bits ECDHE-ECDSA-AES128-SHA
Failed SSLv3 128 bits SRP-DSS-AES-128-CBC-SHA
Failed SSLv3 128 bits SRP-RSA-AES-128-CBC-SHA
Failed SSLv3 128 bits SRP-AES-128-CBC-SHA
Failed SSLv3 128 bits DHE-DSS-AES128-GCM-SHA256
Failed SSLv3 128 bits DHE-RSA-AES128-GCM-SHA256
Failed SSLv3 128 bits DHE-RSA-AES128-SHA256
Failed SSLv3 128 bits DHE-DSS-AES128-SHA256
Accepted SSLv3 128 bits DHE-RSA-AES128-SHA
Rejected SSLv3 128 bits DHE-DSS-AES128-SHA
Rejected SSLv3 128 bits DHE-RSA-SEED-SHA
Rejected SSLv3 128 bits DHE-DSS-SEED-SHA
Accepted SSLv3 128 bits DHE-RSA-CAMELLIA128-SHA
Rejected SSLv3 128 bits DHE-DSS-CAMELLIA128-SHA
Rejected SSLv3 128 bits AECDH-AES128-SHA
Failed SSLv3 128 bits ADH-AES128-GCM-SHA256
Failed SSLv3 128 bits ADH-AES128-SHA256
Rejected SSLv3 128 bits ADH-AES128-SHA
Rejected SSLv3 128 bits ADH-SEED-SHA
Rejected SSLv3 128 bits ADH-CAMELLIA128-SHA
Failed SSLv3 128 bits ECDH-RSA-AES128-GCM-SHA256
Failed SSLv3 128 bits ECDH-ECDSA-AES128-GCM-SHA256
Failed SSLv3 128 bits ECDH-RSA-AES128-SHA256
Failed SSLv3 128 bits ECDH-ECDSA-AES128-SHA256
Rejected SSLv3 128 bits ECDH-RSA-AES128-SHA
Rejected SSLv3 128 bits ECDH-ECDSA-AES128-SHA
Failed SSLv3 128 bits AES128-GCM-SHA256
Failed SSLv3 128 bits AES128-SHA256
Accepted SSLv3 128 bits AES128-SHA
Rejected SSLv3 128 bits SEED-SHA
Accepted SSLv3 128 bits CAMELLIA128-SHA
Failed SSLv3 128 bits PSK-AES128-CBC-SHA
Rejected SSLv3 128 bits ECDHE-RSA-RC4-SHA
Rejected SSLv3 128 bits ECDHE-ECDSA-RC4-SHA
Rejected SSLv3 128 bits AECDH-RC4-SHA
Rejected SSLv3 128 bits ADH-RC4-MD5
Rejected SSLv3 128 bits ECDH-RSA-RC4-SHA
Rejected SSLv3 128 bits ECDH-ECDSA-RC4-SHA
Rejected SSLv3 128 bits RC4-SHA
Rejected SSLv3 128 bits RC4-MD5
Failed SSLv3 128 bits PSK-RC4-SHA
Rejected SSLv3 56 bits EDH-RSA-DES-CBC-SHA
Rejected SSLv3 56 bits EDH-DSS-DES-CBC-SHA
Rejected SSLv3 56 bits ADH-DES-CBC-SHA
Rejected SSLv3 56 bits DES-CBC-SHA
Rejected SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA
Rejected SSLv3 40 bits EXP-EDH-DSS-DES-CBC-SHA
Rejected SSLv3 40 bits EXP-ADH-DES-CBC-SHA
Rejected SSLv3 40 bits EXP-DES-CBC-SHA
Rejected SSLv3 40 bits EXP-RC2-CBC-MD5
Rejected SSLv3 40 bits EXP-ADH-RC4-MD5
Rejected SSLv3 40 bits EXP-RC4-MD5
Rejected SSLv3 0 bits ECDHE-RSA-NULL-SHA
Rejected SSLv3 0 bits ECDHE-ECDSA-NULL-SHA
Rejected SSLv3 0 bits AECDH-NULL-SHA
Rejected SSLv3 0 bits ECDH-RSA-NULL-SHA
Rejected SSLv3 0 bits ECDH-ECDSA-NULL-SHA
Failed SSLv3 0 bits NULL-SHA256
Rejected SSLv3 0 bits NULL-SHA
Rejected SSLv3 0 bits NULL-MD5非常感谢!
回答 1
Stack Overflow用户
回答已采纳
发布于 2015-01-22 06:20:56
请使用下列方法:
- 设置disablesslv3参数:
mysql -uadmin -pcat /etc/psa/.psa.shadow -Dpsa -e“插入misc值(‘disablesslv3 3’,'true')”
- 重新吐露:
/usr/local/psa/admin/bin/httpdmng -重新配置-all
- 检查结果:
cat /var/www/vhost/system/*/conf/lastnginx.conf\ grep ssl_protocols
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/28080759
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号