Archive of November 2014


sslblame (1)


Posted by Proht Meyhet on November 16 at 11:03 PM


du meine fresse! supported lediglich RC4-SHA, RC4-MD5 und DES-CBC3-SHA. DES&RC4. DES&RC4! der arme server könnte das verschlüsseln auch gleich sein lassen...

neo@linux:~/compile/sslscan> ./sslscan
Version: 1.9.7-rbsec-10-gb730ff2
OpenSSL 1.0.1i-fips 6 Aug 2014

OpenSSL version does not support SSLv2
SSLv2 ciphers will not be detected

Testing SSL server on port 443

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

TLS 1.0 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.2 not vulnerable to heartbleed

  Supported Server Cipher(s):
Accepted  TLSv1.0  128 bits  RC4-SHA
Accepted  TLSv1.0  128 bits  RC4-MD5
Accepted  TLSv1.0  112 bits  DES-CBC3-SHA

  Preferred Server Cipher(s):
TLSv1.0  112 bits  DES-CBC3-SHA

  SSL Certificate:
Signature Algorithm: sha1WithRSAEncryption
RSA Key Strength: 2048



anecdotes(1) - Charlie Watts


Posted by Proht Meyhet on November 08 at 11:35 PM


A famous anecdote relates that during the mid-1980s, an intoxicated Jagger phoned Watts' hotel room in the middle of the night asking "Where's my drummer?". Watts reportedly got up, shaved, dressed in a suit, put on a tie and freshly shined shoes, descended the stairs, and punched Jagger in the face, saying: "Don't ever call me your drummer again. You're my fucking singer!"