SSLv3 and POODLE

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
View previous topic :: View next topic  
Author Message
jddj
DD-WRT Novice


Joined: 17 Oct 2014
Posts: 11
PostPosted: Fri Oct 17, 2014 3:59    Post subject: SSLv3 and POODLE Reply with quote
Hi all, first post here.

I've disabled SSLv3 in all my browsers to mitigate against the POODLE SSL fallback exploit, and find that Firefox can no longer get into DD-WRT for maintenance.

Currently using:

DD-WRT v24-sp2 (03/14/13) kingkong
(SVN revision 20805M)

I wonder if there's a way to get at least TLS 1.0 out of my ASUS RT-N16.

Thanks,

jddj
Back to top View user's profile Send private message
Sponsor
MoFoQ
DD-WRT Novice


Joined: 20 May 2010
Posts: 27
PostPosted: Thu Dec 11, 2014 5:16    Post subject: Reply with quote
I ran into the same issue.

At least for Firefox, you can disable the thing that disabled SSLv3 for the interim.

Just go to about:config and set the following two to "0"
Code:

security.tls.version.min
security.tls.version.fallback-limit
Back to top View user's profile Send private message
jddj
DD-WRT Novice


Joined: 17 Oct 2014
Posts: 11
PostPosted: Fri Feb 19, 2016 15:23    Post subject: Reply with quote
SOLVED!

After all this time, it appears that you need to install a "big" build, vs. a "mega", if you want to get working TLS. Big is larger (MB-wise) than mega, and has more stuff in it.
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum