LISTSERV - NCSG-DISCUSS Archives

Hi Wisdom ,

Thanks for sharing the incident information . In solution section where written for Monitor network and use firewall rules but how long ?

Regards / Jahangir

On Wed, Mar 2, 2016 at 5:09 PM, Wisdom Donkor <[log in to unmask]> wrote:

Dear All,

Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. Exploitation of this vulnerability - referred to as DROWN in public reporting - may allow a remote attacker to obtain the private key of a server supporting SSLv2.
CERT-GH encourages users and administrators to review the attached advisory for additional information and mitigation details.

Find attached advisory

Kind Regards

CERT-GH
Operations
6th Floor,Ghana House,High Street
PMB, Ministries Post Office
Accra,Ghana
www.cert-gh.org
-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.47

iGIEARECACIFAlYOq58bHENFUlQtR0ggPHRlYW1AY2VydC1naC5vcmc+AAoJEPSE
nVZ6ksPd5ZwAoKDSDLMJwdGtW63kUA7GbxvIn5nfAJwOoLHaf3fZB2ZOKu2rwMLo
PD99EA==
=/LMu
-----END PGP SIGNATURE-----

_______________________________________________
Fellowships-alumni mailing list
[log in to unmask]
https://mm.icann.org/mailman/listinfo/fellowships-alumni