LISTSERV - NCSG-DISCUSS Archives

Hi Wisdom ,

Thanks for sharing the incident information .  In solution section where
written for Monitor network and use firewall rules but how long ?



*Regards / Jahangir *

On Wed, Mar 2, 2016 at 5:09 PM, Wisdom Donkor <[log in to unmask]> wrote:

>
> Dear All,
>
> Network traffic encrypted using an RSA-based SSL certificate may be
> decrypted if enough SSLv2 handshake data can be collected. Exploitation of
> this vulnerability - referred to as DROWN in public reporting - may allow a
> remote attacker to obtain the private key of a server supporting SSLv2.
> CERT-GH encourages users and administrators to review the attached
> advisory for additional information and mitigation details.
>
> Find attached advisory
>
> Kind Regards
>
> CERT-GH
> Operations
> 6th Floor,Ghana House,High Street
> PMB, Ministries Post Office
> Accra,Ghana
> www.cert-gh.org
> -----BEGIN PGP SIGNATURE-----
> Version: BCPG v1.47
>
> iGIEARECACIFAlYOq58bHENFUlQtR0ggPHRlYW1AY2VydC1naC5vcmc+AAoJEPSE
> nVZ6ksPd5ZwAoKDSDLMJwdGtW63kUA7GbxvIn5nfAJwOoLHaf3fZB2ZOKu2rwMLo
> PD99EA==
> =/LMu
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Fellowships-alumni mailing list
> [log in to unmask]
> https://mm.icann.org/mailman/listinfo/fellowships-alumni
>
>


--