[tor-relays] Shutting down middle relays (off-topic)

Andreas Reich andreas at reichster.de
Sun Jun 22 07:52:16 UTC 2014


At least the qualys online test is only testing port 443 - could it be
that you run your web-server on this port?
If you run your web-server with e.g. mod-spdy you also have to update
mod-spdy because it is built with its own openssl.

This was a problem on my server too (not fedora or Centos tough)

Regards

Am 22.06.2014 03:36, schrieb Tora Tora Tora:
> Basically, I am left to conclude that (1) the latest update on
> Fedora/Centos does not patch CCS Injection vulnerability or (2) the test
> is wrong--correction, both Tripwire and Qualys tests are wrong or (3)
> between a Fedora and two Centos machines, one of which is really just a
> test machine, all are out of wack or (4) something else is weird.
>
> Anyone else ran Qualys test on their "patched" Centos server?
>
> https://www.ssllabs.com/ssltest/analyze.html?d=YOUR_DOMAIN_NAME&hideResults=on
>
> Anyone else tried Tripwire on their "patched" Centos server?
>
> https://raw.githubusercontent.com/Tripwire/OpenSSL-CCS-Inject-Test/master/OSSL_CCS_InjectTest.py
>
> I would love to see if anyone else is getting the same warnings.
>
> Thanks...
>
>
> On 06/21/2014 03:09 PM, Tora Tora Tora wrote:
>> And now I have tried a reboot. No change. Weird ...
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140622/005c778c/attachment-0001.sig>


More information about the tor-relays mailing list