[lvs-users] Test weak SSL ciphers with LVS

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	[lvs-users] Test weak SSL ciphers with LVS
From:	Son Nguyen <trungson@xxxxxxxxx>
Date:	Sun, 27 Oct 2013 11:52:12 -0700

To:

Subject:

From:

Date:

Sun, 27 Oct 2013 11:52:12 -0700

Hello,

I try to test weak ciphers on my LVS-TUN setup, the weak cipher is explicitly 
disabled on the real servers (RIP) and when checking directly with the RIP, no 
handshake was made, which is good and expected. However, when checking with the 
VIP, a good handshake was made (unexpected). Since LVS is Layer 4, I wonder why 
there is this difference.

openssl s_client -connect RIP:443 -cipher DES
=> no handshake, expected

openssl s_client -connect VIP:443 -cipher DES
=> good handshake, unexpected

Thanks
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] Test weak SSL ciphers with LVS, Son Nguyen <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	[lvs-users] lvs works behind a hareware firewall through public network, 孙楠松
Next by Date:	[lvs-users] SNAT with LVS, Nick Calvert
Previous by Thread:	[lvs-users] lvs works behind a hareware firewall through public network, 孙楠松
Next by Thread:	[lvs-users] SNAT with LVS, Nick Calvert
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

[lvs-users] lvs works behind a hareware firewall through public network, 孙楠松

Next by Date:

[lvs-users] SNAT with LVS, Nick Calvert

Previous by Thread:

[lvs-users] lvs works behind a hareware firewall through public network, 孙楠松

Next by Thread:

[lvs-users] SNAT with LVS, Nick Calvert

Indexes:

[Date] [Thread] [Top] [All Lists]