Ci-dessous, les différences entre deux révisions de la page.
Prochaine révision | Révision précédente | ||
doc:debian:openssl [2008/05/14 23:59] lehobey créée |
doc:debian:openssl [2008/10/13 23:23] (Version actuelle) lehobey |
||
---|---|---|---|
Ligne 7: | Ligne 7: | ||
* http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363516 | * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363516 | ||
- | * Analyse : http://lwn.net/Articles/281901/ | + | * http://rt.openssl.org/NoAuth/Buglist.html |
+ | |||
+ | ==== Analyse : ==== | ||
+ | * http://lwn.net/Articles/281901/ | ||
+ | * http://lwn.net/Articles/282038/ | ||
+ | * http://lwn.net/Articles/282230/ | ||
* http://www.dslreports.com/forum/r20474302-Heads-Up-Debian-OpenSSL-RNG-Vuln-CVE20080166 | * http://www.dslreports.com/forum/r20474302-Heads-Up-Debian-OpenSSL-RNG-Vuln-CVE20080166 | ||
* http://blog.sesse.net/blog/tech/2008-05-14-17-21_some_maths.html | * http://blog.sesse.net/blog/tech/2008-05-14-17-21_some_maths.html | ||
* http://rt.openssl.org/Ticket/Display.html?id=521&user=guest&pass=guest | * http://rt.openssl.org/Ticket/Display.html?id=521&user=guest&pass=guest | ||
+ | * http://blog.drinsama.de/erich/en/linux/2008051401-consequences-of-sslssh-weakness.html | ||
+ | * http://metasploit.com/users/hdm/tools/debian-openssl/ | ||
- | * Réflexion : | + | ==== Réflexion ==== |
* http://blog.zakame.net/news/wheres-the-open | * http://blog.zakame.net/news/wheres-the-open | ||
* http://changelog.complete.org/posts/714-Thoughtfulness-on-the-OpenSSL-bug.html | * http://changelog.complete.org/posts/714-Thoughtfulness-on-the-OpenSSL-bug.html | ||
Ligne 22: | Ligne 29: | ||
* http://feeds.feedburner.com/~r/UbuntuTutorials/~3/289661396/ | * http://feeds.feedburner.com/~r/UbuntuTutorials/~3/289661396/ | ||
* http://daviey.mooo.com/blogroll/weak-ssh-key.html | * http://daviey.mooo.com/blogroll/weak-ssh-key.html | ||
+ | * Conversions de clefs, certificats : http://www.imsc.res.in/~kapil/blog/floss/converting-keys-2008-05-15-12-14.html | ||
+ | |||
==== Solutions ==== | ==== Solutions ==== | ||
* http://wiki.debian.org/SSLkeys | * http://wiki.debian.org/SSLkeys | ||
+ | * http://roland.entierement.nu/blog/2008/05/15/branle-bas-sshssl.html | ||
* http://blog.zakame.net/news/openssl-remote-dsa-1571 | * http://blog.zakame.net/news/openssl-remote-dsa-1571 | ||
* http://lucumr.pocoo.org/cogitations/2008/05/13/command-of-the-day/ | * http://lucumr.pocoo.org/cogitations/2008/05/13/command-of-the-day/ | ||
+ | * Désactiver DSA : | ||
+ | * (À lire) : http://etbe.coker.com.au/2008/05/18/debian-ssh-problems/ | ||
+ | * http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481133 | ||
+ | |||
+ | |||
+ | ==== Attaques ==== | ||
+ | * http://community.livejournal.com/lbello_english/8799.html | ||
+ | * http://www.lucianobello.com.ar/post/the-root-of-all-mistake-the-overgeneralization/ |