22 Nov
2010
22 Nov
'10
11:38 p.m.
Pierre DELAAGE <[email protected]> wrote:
Just to mention: SslVersion=all OFTEN SOLVES MANY PROBLEMS in various circumstances. As a professional penetration tester I fully agree that enabling SSLv2 solves many problems. At least for me it really does: http://osvdb.org/56387 I meant interoperabilty problems, when machines do not even succeed in establishing a dialog, ...not "security problems"...
I also meant solving interoperability problems. Interoperability with my MITM exploits to be more precise. Security is just the usual price to be paid for maxing out the interoperability. Mike