What it does is allow you to set Firefox to use SSLv3 thus allowing you to be POODLEd if one of your coworkers so desired. I would assume your coworkers have better things to do :-)
Coy Krill
Core Processing Administrator/Analyst
Washington Trust Bank
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Paul Fenstermacher
Sent: Wednesday, December 10, 2014 07:49
To: Midrange Systems Technical Discussion
Subject: RE: Poodle patches really "breaking" anything?
Importance: Low
FYI, I got this information from IBM and it does resolve my problem using Firefox, I can now manage my 7.7.5 HMC's and V7000's. Be aware, I can't speak to what this does with respect to making connections unsecure again because of SSLv3, you're on your own with that one.
In regards to the sslv3 issue on HMC remote connections. The firefox 34 version removed sslv3 so that breaks the connection.
You can backlevel the firefox or circumvent.
To circumvent:
Reconfiguring Firefox
about:config can be used to enable the desired cipher however an easy way to set/verify the Firefox cipher is to use the SSL Version Control plugin by Mozilla.
- Click on Add-ons
- Get Add-on
- Search for "SSL Version Control"
- Select the addon
It will show in installed extensions under the addons listing. To configure the cipher click Options in the ssl version control, then select minimum ssl version to sslv3. Then after that change just refresh the page and it should be ok.
Paul Fenstermacher | Sys Admin, Sr | Corporate Systems - POWER Systems Administration | Jack Henry & Associates, Inc.
663 West Highway 60 | Monett, MO 65708 | 417-235-4114 x177389 | pfenstermacher@xxxxxxxxxxxxx
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Paul Fenstermacher
Sent: Wednesday, December 10, 2014 7:16 AM
To: Midrange Systems Technical Discussion
Subject: RE: Poodle patches really "breaking" anything?
My Firefox just updated yesterday to 34.0.5 and after that I could not connect to HMC's running 7.7.5 nor could I connect to two different V7000 GUI's. Error message in all cases says
Unable to Connect Securely
Firefox cannot guarantee the safety of your data on THISIPADDRESS because it uses SSLv3, a broken security protocol.
Paul Fenstermacher | Sys Admin, Sr | Corporate Systems - POWER Systems
Administration | Jack Henry & Associates, Inc.
663 West Highway 60 | Monett, MO 65708 | 417-235-4114 x177389 |
pfenstermacher@xxxxxxxxxxxxx
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Tuesday, December 9, 2014 7:31 PM
To: Midrange Systems Technical Discussion
Subject: Re: Poodle patches really "breaking" anything?
Apparently the 'lack' of patching is causing us grief. Customers are updating their web browsers and are unable to attach to our website.
Hoping this is the cure:
http://www-01.ibm.com/support/docview.wss?uid=swg21657963
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com
From: rob@xxxxxxxxx<mailto:rob@xxxxxxxxx>
To: midrange-l@xxxxxxxxxxxx<mailto:midrange-l@xxxxxxxxxxxx>
Date: 12/09/2014 07:15 AM
Subject: Poodle patches really "breaking" anything?
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx<mailto:midrange-l-bounces@xxxxxxxxxxxx>>
Not to feed the "if it ain't broke don't fix it" crowd but are poodle
patches really causing headaches?
http://www.itjungle.com/fhs/fhs120914-story01.html
Granted, it was already broke due to the lax security, but what headaches
have been caused by the patches, if any? Any horror stories? If so, how
did you resolve it? For example:
- I'm running encrypted telnet and it all broke, and what you did to get
around it.
- I'm running Domino x.y.z and I had to ...
- I'm running WAS e.f.g and I had to ...
- I'm running sftp from Acme Coyote and I had to ...
and more of that genre.
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx<mailto:MIDRANGE-L@xxxxxxxxxxxx>
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx<mailto:MIDRANGE-L-request@xxxxxxxxxxxx>
Before posting, please take a moment to review the archives
at
http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx<mailto:MIDRANGE-L@xxxxxxxxxxxx>
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx<mailto:MIDRANGE-L-request@xxxxxxxxxxxx>
Before posting, please take a moment to review the archives
at
http://archive.midrange.com/midrange-l.
NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information.
Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information.
Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
=====================================================================================================
This electronic mail message and any attachments may contain confidential or privileged
information and is intended for use solely by the above-referenced recipient. Any review,
copying, printing, disclosure, distribution, or other use by any other person or entity is
strictly prohibited under applicable law. If you are not the named recipient, or believe
you have received this message in error, please immediately notify the sender by replying
to this message and delete the copy you received. =====================================================================================================
midrange.com
