<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Am 21.10.2014 um 08:20 schrieb Olle E
Johansson:<br>
</div>
<blockquote cite="mid:5445FB32.4070506@edvina.net" type="cite">
<br>
<blockquote type="cite">
<blockquote type="cite">
<br>
!!! *a warning **that the use of SSLv3 **susceptibility to
POODLE
<br>
Vulnerability* !!!
<br>
<br>
</blockquote>
</blockquote>
Well, since Poodle requires a web browser and java script we're
not in danger from a Poodle attack. Even so, we are not enabling
SSL by default, only enabling TLS. All versions of SSL are too old
to be
<br>
secure. We can not add a warning text for every possible attack,
<br>
but have published information on twitter, facebook, G+ and
<br>
on the mailing lists.
<br>
<br>
Are we aware of any phones or SIP servers that only supports SSLv3
<br>
and have no support of TLS?
<br>
<br>
/O
<br>
<br>
_______________________________________________
<br>
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing
list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a>
<br>
<a class="moz-txt-link-freetext" href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a>
<br>
</blockquote>
asterisk just published a security warning <br>
<br>
source: <a class="moz-txt-link-freetext" href="http://downloads.asterisk.org/pub/security/AST-2014-011.html">http://downloads.asterisk.org/pub/security/AST-2014-011.html</a><br>
<br>
you have to force asterisk to do TLSv1<br>
the <big><font style="font-size: 10pt" size="2"><big>defaults
settings allowing a SSLv3/SSLv2 fallback.</big></font></big><br>
<br>
<div class="moz-signature">-- <br>
<b>Rainer Piper</b>
<br>
Integration engineer
<br>
Koeslinstr. 56
<br>
53123 BONN <br>
GERMANY
<br>
Phone: +49 228 97167161
<br>
P2P: <a class="moz-txt-link-freetext" href="sip:rainer@sip.soho-piper.de:5072">sip:rainer@sip.soho-piper.de:5072</a> (pjsip-test)
<br>
XMPP: <a class="moz-txt-link-abbreviated" href="mailto:rainer@xmpp.soho-piper.de">rainer@xmpp.soho-piper.de</a></div>
</body>
</html>