[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Suddenly, new types of SSL errors

On Fri, 2 Aug 2013 10:32:15 +0100
Darac Marjal <mailinglist@darac.org.uk> wrote:

> On Fri, Aug 02, 2013 at 09:06:41AM +0200, Jochen Spieker wrote:
> > mett:
> > > 
> > > Since 2, 3 weeks now, I'm getting some new types of log errors,
> > > related to SSL, on an Apache2 and Dovecot server I'm managing.
> > 
> > Don't worry about them as long as your services appear to work fine
> > for you. If you run a public server, it is normal that people send
> > random junk your server doesn't understand. Some of it may be
> > malicious, some if it is broken clients. You can't do anything
> > against this except blocking them at a lower protocol layer (just
> > like you do with fail2ban).
> If you're worried, use a checker such as
> https://www.ssllabs.com/ssltest/index.html to verify the robustness of
> your server. It may be that, with new attacks such as BEAST and CRIME,
> people are probing your server for vulnerabilities. If you get a good
> rating on the tests, then you can be assured that those "knocks on the
> door" won't get through.

Thanks a lot for all the answers. 
The link to ssllabs is a nice one. 

Attachment: signature.asc
Description: PGP signature

Reply to: