Critical Windows Vulnerability (also, VPN uses port 443)

 
Post new topic   Reply to topic    Aprelium Forum Index -> General Questions
View previous topic :: View next topic  
Author Message
Lawrence
-


Joined: 16 Jan 2003
Posts: 207
Location: Brisbane, AU

PostPosted: Wed Nov 12, 2014 2:10 pm    Post subject: Critical Windows Vulnerability (also, VPN uses port 443) Reply with quote

There's a critical Windows bug, making -all- versions of windows vulnerable to the worst things if they run any secure/encrpyted applications. Basically, if you're listening on a port and accept encrypted traffic, you're at risk. See: Microsoft's advisory.

Anyway, I updated, but now Abyss reports that it cannot listen on port 443.

I honestly haven't got the first clue what to look for, and the problem's so new it doesn't seem like Google is any help.

Any ideas?


Last edited by Lawrence on Thu Nov 13, 2014 2:50 am; edited 1 time in total
Back to top View user's profile Send private message Visit poster's website ICQ Number
Axis
-


Joined: 29 Sep 2003
Posts: 336

PostPosted: Thu Nov 13, 2014 1:11 am    Post subject: Reply with quote

Hello Lawrence--

I'm on windows 7 premium (been trying to beat it into submission for years ;-)).

...anyway, I got hit with the Windows Update you refer to, and am running the latest Abyss v 2.9.3.6 and have SSL/TLS running on one of my hosts. I am curious...and this might be a debugging clue as well...what you have set in General/Advanced Parameters/SSL/TLS Parameters?

Mine is set to the "recommended", I did *not* use the option of "fixed" SSL3. (I also have a Firefox plugin to only allow a Minimum SSL Version set to TLS 1.0--but that shouldn't affect the Abyss server.) Just after the Abyss update, and before the MS Update, I ran it through SSL Labs and got an "A" (if they discounted that it was a self-signed Certificate.)

After getting smacked with MS updates, then reading your post, I quickly logged into my secure host and shot off a email just to check all was good...and it was.

I am wondering what setting you have in setting you have in General/Advanced Parameters/SSL/TLS Parameters?

Is it something other than my setting, and if so, does it go away it you set it to "recommended"?

That's my experience and close to being an "idea."

I hope you get this resolved speedily and easily.

Regards,
Axis
Back to top View user's profile Send private message
Lawrence
-


Joined: 16 Jan 2003
Posts: 207
Location: Brisbane, AU

PostPosted: Thu Nov 13, 2014 2:39 am    Post subject: Reply with quote

Unfortunately I've never messed with this, it was already set to 'recommended'.

I just shut down Abyss and did a port scan on myself and port 443 is active, used by something called https; https MCom


Last edited by Lawrence on Thu Nov 13, 2014 2:51 am; edited 1 time in total
Back to top View user's profile Send private message Visit poster's website ICQ Number
Lawrence
-


Joined: 16 Jan 2003
Posts: 207
Location: Brisbane, AU

PostPosted: Thu Nov 13, 2014 2:50 am    Post subject: Reply with quote

Sorted!

It was a VPN I was trying to use, I guess it wanted port 443 but couldn't while Abyss was running, but after the Windows update and reboot the VPN grabbed 443 so Abyss couldn't use it.

Killed the VPN and restarted Abyss and it's all good again. =)
Back to top View user's profile Send private message Visit poster's website ICQ Number
Axis
-


Joined: 29 Sep 2003
Posts: 336

PostPosted: Thu Nov 13, 2014 4:47 pm    Post subject: Reply with quote

Great to hear!

Regards,
Axis
Back to top View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> General Questions All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group