What it does is allow you to set Firefox to use SSLv3 thus allowing you to be POODLEd if one of your coworkers so desired. I would assume your coworkers have better things to do :-)

Coy Krill
Core Processing Administrator/Analyst
Washington Trust Bank

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Paul Fenstermacher
Sent: Wednesday, December 10, 2014 07:49
To: Midrange Systems Technical Discussion
Subject: RE: Poodle patches really "breaking" anything?
Importance: Low

FYI, I got this information from IBM and it does resolve my problem using Firefox, I can now manage my 7.7.5 HMC's and V7000's. Be aware, I can't speak to what this does with respect to making connections unsecure again because of SSLv3, you're on your own with that one.


In regards to the sslv3 issue on HMC remote connections. The firefox 34 version removed sslv3 so that breaks the connection.

You can backlevel the firefox or circumvent.
To circumvent:
Reconfiguring Firefox
about:config can be used to enable the desired cipher however an easy way to set/verify the Firefox cipher is to use the SSL Version Control plugin by Mozilla.
- Click on Add-ons
- Get Add-on
- Search for "SSL Version Control"
- Select the addon

It will show in installed extensions under the addons listing. To configure the cipher click Options in the ssl version control, then select minimum ssl version to sslv3. Then after that change just refresh the page and it should be ok.


Paul Fenstermacher | Sys Admin, Sr | Corporate Systems - POWER Systems Administration | Jack Henry & Associates, Inc.
663 West Highway 60 | Monett, MO 65708 | 417-235-4114 x177389 | pfenstermacher@xxxxxxxxxxxxx


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Paul Fenstermacher
Sent: Wednesday, December 10, 2014 7:16 AM
To: Midrange Systems Technical Discussion
Subject: RE: Poodle patches really "breaking" anything?

My Firefox just updated yesterday to 34.0.5 and after that I could not connect to HMC's running 7.7.5 nor could I connect to two different V7000 GUI's. Error message in all cases says





Unable to Connect Securely



Firefox cannot guarantee the safety of your data on THISIPADDRESS because it uses SSLv3, a broken security protocol.





Paul Fenstermacher | Sys Admin, Sr | Corporate Systems - POWER Systems

Administration | Jack Henry & Associates, Inc.

663 West Highway 60 | Monett, MO 65708 | 417-235-4114 x177389 |

pfenstermacher@xxxxxxxxxxxxx





-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Tuesday, December 9, 2014 7:31 PM
To: Midrange Systems Technical Discussion
Subject: Re: Poodle patches really "breaking" anything?



Apparently the 'lack' of patching is causing us grief. Customers are updating their web browsers and are unable to attach to our website.

Hoping this is the cure:

http://www-01.ibm.com/support/docview.wss?uid=swg21657963





Rob Berendt

--

IBM Certified System Administrator - IBM i 6.1

Group Dekko

Dept 1600

Mail to: 2505 Dekko Drive

Garrett, IN 46738

Ship to: Dock 108

6928N 400E

Kendallville, IN 46755

http://www.dekko.com











From: rob@xxxxxxxxx<mailto:rob@xxxxxxxxx>

To: midrange-l@xxxxxxxxxxxx<mailto:midrange-l@xxxxxxxxxxxx>

Date: 12/09/2014 07:15 AM

Subject: Poodle patches really "breaking" anything?

Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx<mailto:midrange-l-bounces@xxxxxxxxxxxx>>







Not to feed the "if it ain't broke don't fix it" crowd but are poodle

patches really causing headaches?

http://www.itjungle.com/fhs/fhs120914-story01.html

Granted, it was already broke due to the lax security, but what headaches

have been caused by the patches, if any? Any horror stories? If so, how

did you resolve it? For example:

- I'm running encrypted telnet and it all broke, and what you did to get

around it.

- I'm running Domino x.y.z and I had to ...

- I'm running WAS e.f.g and I had to ...

- I'm running sftp from Acme Coyote and I had to ...

and more of that genre.





Rob Berendt

--

IBM Certified System Administrator - IBM i 6.1

Group Dekko

Dept 1600

Mail to: 2505 Dekko Drive

Garrett, IN 46738

Ship to: Dock 108

6928N 400E

Kendallville, IN 46755

http://www.dekko.com



--

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing

list

To post a message email: MIDRANGE-L@xxxxxxxxxxxx<mailto:MIDRANGE-L@xxxxxxxxxxxx>

To subscribe, unsubscribe, or change list options,

visit: http://lists.midrange.com/mailman/listinfo/midrange-l

or email: MIDRANGE-L-request@xxxxxxxxxxxx<mailto:MIDRANGE-L-request@xxxxxxxxxxxx>

Before posting, please take a moment to review the archives

at http://archive.midrange.com/midrange-l.





--

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list

To post a message email: MIDRANGE-L@xxxxxxxxxxxx<mailto:MIDRANGE-L@xxxxxxxxxxxx>

To subscribe, unsubscribe, or change list options,

visit: http://lists.midrange.com/mailman/listinfo/midrange-l

or email: MIDRANGE-L-request@xxxxxxxxxxxx<mailto:MIDRANGE-L-request@xxxxxxxxxxxx>

Before posting, please take a moment to review the archives

at http://archive.midrange.com/midrange-l.


NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information.
Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.

NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information.
Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.




=====================================================================================================
This electronic mail message and any attachments may contain confidential or privileged
information and is intended for use solely by the above-referenced recipient. Any review,
copying, printing, disclosure, distribution, or other use by any other person or entity is
strictly prohibited under applicable law. If you are not the named recipient, or believe
you have received this message in error, please immediately notify the sender by replying
to this message and delete the copy you received. =====================================================================================================


This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].