So here we go again... Another vulnerability has been found in OpenSSL. However, this is very hard to exploit and requires the hacker to have control of your wireless hotspot or network. If that's the case, then you're in trouble anyway!Continue reading...
Over the last few weeks we have seen more and more users reporting that they have run a security check on the SSL certificate thats installed on their Loadbalancer appliance using the Trustworty Internet Movement web site (https://www.trustworthyinternet.org/ssl-pulse/). The idea behind the site is basically to test as many SSL certificates on the Internet as possible and check for any vulnerabilities like having SSLv2 enabled or weak Key Cipher lists. The test takes about 2 minutes to run and will give you a report on the status of your SSL Certificate and the associated services that it uses. From this we found that the version of Pound SSL Proxy that we were using with our v6.x appliance was not as secure as it could be. Which has lead to a new release of our hardware software to v6.19. NB. 'not as secure as it could be' does not mean a security problem, the BEAST attack is really a client side attack and nothing to do with load balancers <- Annoying comment added by Editor :-).Continue reading...
OK so I've previously blogged about how to get TPROXY and HAProxy working nicely together. But what if you want to terminate SSL traffic on the load balancer in order to use HaProxy to insert cookies in the standard HTTP stream to the backend servers? Many thanks to Krisztián Ivancsó for working on the TPROXY patch for Pound for us, we can finally do this!Continue reading...
Contact us or submit your details to request a call back.
tel: +1 888 867 9504
Contact us or submit your details to request a quick quote.
tel: +1 888 867 9504 (24x7)