...
Sometimes when you install software, said software turns on services for you, other times said software will try to communicate with the outside world, but not be programmed to use a specific protocol. We have had several cases where old software talks to the outside world, does not know which security protocol to use, and picks the first one on the available list, even if said protocol is normally disabled unused due to being old and broken. Example: the Ubuntu user manual using the broken TLSV1.0 when it could be using the far more secure TLSv1.2. The below is adapted from https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-poodle-sslv3-vulnerability
SSL protocols can appear in multiple config files, you will want to change each place it appears
in /etc/httpd/conf.d/ssl.conf (apache running the ubuntu user manual)
can also appear in
...
and several other location depending on what software you have on your computeroriginal version for ubuntu 14.04 LTS
...
| Page Properties | ||
|---|---|---|
| ||
|