View previous topic :: View next topic |
Author |
Message |
Lawrence -
Joined: 16 Jan 2003 Posts: 207 Location: Brisbane, AU
|
Posted: Wed Nov 12, 2014 2:10 pm Post subject: Critical Windows Vulnerability (also, VPN uses port 443) |
|
|
There's a critical Windows bug, making -all- versions of windows vulnerable to the worst things if they run any secure/encrpyted applications. Basically, if you're listening on a port and accept encrypted traffic, you're at risk. See: Microsoft's advisory.
Anyway, I updated, but now Abyss reports that it cannot listen on port 443.
I honestly haven't got the first clue what to look for, and the problem's so new it doesn't seem like Google is any help.
Any ideas?
Last edited by Lawrence on Thu Nov 13, 2014 2:50 am; edited 1 time in total |
|
Back to top |
|
|
Axis -
Joined: 29 Sep 2003 Posts: 336
|
Posted: Thu Nov 13, 2014 1:11 am Post subject: |
|
|
Hello Lawrence--
I'm on windows 7 premium (been trying to beat it into submission for years ;-)).
...anyway, I got hit with the Windows Update you refer to, and am running the latest Abyss v 2.9.3.6 and have SSL/TLS running on one of my hosts. I am curious...and this might be a debugging clue as well...what you have set in General/Advanced Parameters/SSL/TLS Parameters?
Mine is set to the "recommended", I did *not* use the option of "fixed" SSL3. (I also have a Firefox plugin to only allow a Minimum SSL Version set to TLS 1.0--but that shouldn't affect the Abyss server.) Just after the Abyss update, and before the MS Update, I ran it through SSL Labs and got an "A" (if they discounted that it was a self-signed Certificate.)
After getting smacked with MS updates, then reading your post, I quickly logged into my secure host and shot off a email just to check all was good...and it was.
I am wondering what setting you have in setting you have in General/Advanced Parameters/SSL/TLS Parameters?
Is it something other than my setting, and if so, does it go away it you set it to "recommended"?
That's my experience and close to being an "idea."
I hope you get this resolved speedily and easily.
Regards,
Axis |
|
Back to top |
|
|
Lawrence -
Joined: 16 Jan 2003 Posts: 207 Location: Brisbane, AU
|
Posted: Thu Nov 13, 2014 2:39 am Post subject: |
|
|
Unfortunately I've never messed with this, it was already set to 'recommended'.
I just shut down Abyss and did a port scan on myself and port 443 is active, used by something called https; https MCom
Last edited by Lawrence on Thu Nov 13, 2014 2:51 am; edited 1 time in total |
|
Back to top |
|
|
Lawrence -
Joined: 16 Jan 2003 Posts: 207 Location: Brisbane, AU
|
Posted: Thu Nov 13, 2014 2:50 am Post subject: |
|
|
Sorted!
It was a VPN I was trying to use, I guess it wanted port 443 but couldn't while Abyss was running, but after the Windows update and reboot the VPN grabbed 443 so Abyss couldn't use it.
Killed the VPN and restarted Abyss and it's all good again. =) |
|
Back to top |
|
|
Axis -
Joined: 29 Sep 2003 Posts: 336
|
Posted: Thu Nov 13, 2014 4:47 pm Post subject: |
|
|
Great to hear!
Regards,
Axis |
|
Back to top |
|
|
|