华人小孩

 找回密码
 您好~~点击这里注册
搜索
查看: 8144|回复: 0
收起左侧

[闲话] 浏览器的ssl安全漏洞

[复制链接]
发表于 2014-10-17 02:33:24 | 显示全部楼层 |阅读模式

马上加入华人小孩吧,为您和您的孩子结交更多好友、享用更多功能!

您需要 登录 才可以下载或查看,没有帐号?您好~~点击这里注册

x
浏览器最近的安全漏洞,大家可以通过如下网页查看自己的浏览器是否有危险:
https://www.poodletest.com/
如果显示vulnerable,建议按照如下办法修补漏洞,目前Google Chrome&Firefox还没有出相应的patch:
https://zmap.io/sslv3/browsers.html
简单来说:
对于FirefoxSSLv3 will be disabled by default in Firefox 34, which will be released on Nov 25. )

you can set the value security.tls.version.min = 1 in the about:config dialog.
(在Firefox浏览器的地址栏输入,about:config,然后输入security.tls.version.min = 1

对于Google Chrome

Windows
  • Right click the Google Chrome shortcut on the desktop.

                                   
    登录/注册后可看大图
  • Click Properties from the drop-down menu.
  • You will see the properties menu for the shortcut to Google Chrome.

                                   
    登录/注册后可看大图
  • Click inside the "Target" box and scroll all the way to the        right (past the quote (")).
  • Enter --ssl-version-min=tls1

                                   
    登录/注册后可看大图
  • Click "OK" on the properties menu.
  • When asked for administrator permissions, click "Continue".

                                   
    登录/注册后可看大图


Ubuntu
Thanks to gertvdijk on AskUbuntu.

  • Open /usr/share/applications/google-chrome.desktop in a text editor
  • For any line that begins with "Exec", add the argument:--ssl-version-min=tls1
    • For instance the line Exec=/usr/bin/google-chrome-stable %U should become Exec=/usr/bin/google-chrome-stable --ssl-version-min=tls1
  • Reboot

OS X
  • Open Automator from Applications.

                                   
    登录/注册后可看大图
  • Double-click "Workflow".
  • Under Library, click Utilities.

                                   
    登录/注册后可看大图
  • Double-clide "Run Shell Script".

                                   
    登录/注册后可看大图
  • Replace cat with open -a "Google Chrome.app" --args --ssl-version-min=tls1.

                                   
    登录/注册后可看大图
  • In the toolbar at the top of the screen, click "File" and then "Save".
  • In the "Save As" box, type Chrome-POODLE-Proof.app
    .
  • In the "File Format" drop-down box, select "Application".

                                   
    登录/注册后可看大图
  • Click "Save".
Depending on how you open Google Chrome, you may have to open it in a different way. If you open it through Spotlight, just type Chrome-POODLE-Proof instead of Google Chrome If you open it by clicking on it in the Dock, open Finder, and click Applications. Drag-and-drop the Chrome-POODLE-Proof.app to the Dock. When you want to open Chrome, click the icon that looks like a robot holding a pipe instead of the normal Google Chrome icon.

Other Operating Systems
For any operating system, launching Chrome from the command-line with the extra flag --ssl-version-min=tls1 will disable SSLv3. Consult your documentation for more detail.

Internet Explorer
To disable SSLv3 in Internet Explorer on Windows Vista and newer, uncheck the "Use SSL 3.0" box on the "Advanced" tab in the Internet Options program.
  • Launch "Internet Options" from the Start Menu
  • Click the "Advanced" tab
  • Uncheck "Use SSL 3.0"

                                   
    登录/注册后可看大图
  • Click "OK"

Safari
We currently do not know of a fix for Safari.



写点什么呗,写什么华人小孩都喜欢。

本版积分规则

联系我们|小黑屋|免责声明|帖子列表|SITEMAP|HuarenKids

GMT-5, 2024-11-22 06:18

Powered by Discuz!X3.4

© 2001-2020 Comsenz Inc.

快速回复 返回顶部 返回列表