Re: TLS/SSL Re-Negotiation Vulnerability [CVE-2011-1473]

2011-12-27 Thread Mounir IDRASSI
Hi, The following blog post explains different mitigation techniques for this vulnerability, and among them is Rate Limiting: http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html#rate_limiting_ssl_handshakes I hope this will help. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr O

TLS/SSL Re-Negotiation Vulnerability [CVE-2011-1473]

2011-12-21 Thread Hasan, Rezaul (NSN - US/Arlington Heights)
Hello All, We have openssl 0.9.8r on our Linux Server. Application that's used is httpd. A Nessus security scan on our Linux server tells us that we may be vulnerable to a potential DOS due to SSL/TLS Renegotiation Vulnerability [CVE-2011-1473]. The suggestions of mitigating these (we believe) ar