New denial of service tool knocks out encrypting servers
Eric Griffith
egriffith92 at gmail.com
Wed Oct 26 02:58:33 UTC 2011
http://www.h-online.com/security/news/item/New-denial-of-service-tool-knocks-out-encrypting-servers-1366564.html
I link the article to make sure everyone see's it; but also to frame a
question. The "Fix" seems to be to simply disable SSL-Renegotiation so
that its not hammered over and over. The question: How do you disable
SSL Renegotiation on Nginx? I tried googling "Nginx Disable SSL
Renegotiation" but all that came back was patches to add the ability
TO disable it in Nginx, no actual config option. Anyone know?
More information about the nginx
mailing list