View Single Post
  #2   (View Single Post)  
Old 26th October 2011
Nightweaver's Avatar
Nightweaver Nightweaver is offline
Fdisk Soldier
Join Date: May 2008
Location: Belgrade, Serbia
Posts: 47

Tool needs slight modification to work on Apache/Nginx - they don't allow renegotiation. I've tested it on Courier IMAP - and it overloads machine in less than a minute. Here you may find patched tool so that you don't kill your server but see if it's vulnerable or not:
If it moves, crypt it. Unless it's static - than you should double-crypt it.
Reply With Quote