Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.3.2 and SSLv3

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 2 Posters 753 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D Offline
      dbennett
      last edited by

      Greetings,

      How can I prevent SSLv3 from being utilized on my pfSense boxes?

      Thanks ahead of time for your assistance.

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        It is already disabled in the GUI web server, and has been for some time.

        Or do you mean in some other package?

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • D Offline
          dbennett
          last edited by

          I scanned for vulnerabilities using Qualys and it pointed out an SSLv3 issue.

          Closer look at the report points out the it's ntopng.  I can block public access to that port but not I'm curious as to why the package is allowed to superseded pfSense security.

          If I'm completely missing something or miss configuring something, please correct me.

          Thanks again for your assistance.

          1 Reply Last reply Reply Quote 0
          • jimpJ Offline
            jimp Rebel Alliance Developer Netgate
            last edited by

            It isn't running using our GUI, it runs its own internal web server on a separate port (and that should really, really not be exposed to be public!)

            The ntopng package would have to be adjusted to disable SSLv3, if it's capable of doing so. That would be a subject for a new thread in the packages board though, not here.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • D Offline
              dbennett
              last edited by

              I completely agree and understand.  Will be posting a new question on that board

              Thanks again for your assistance.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.