Back
-
Platform
BackManage PKI and Certificate Risk in One PlaceThe Business Case for PKI Modernization
Forrester estimates a composite organization achieved 312% ROI and a Net Present Value of $10.1M with the ¶ºÒõ¹Ý ONE platform.
-
Solutions
BackThe Smarter Way to Manage Certificate LifecyclesThe Business Case for PKI Modernization
Forrester estimates a composite organization achieved 312% ROI and a Net Present Value of $10.1M with the ¶ºÒõ¹Ý ONE platform.
- Buy
-
Company
BackManage PKI and Certificate Risk in One PlaceThe Business Case for PKI Modernization
Forrester estimates a composite organization achieved 312% ROI and a Net Present Value of $10.1M with the ¶ºÒõ¹Ý ONE platform.
-
Resources
BackThe Business Case for PKI Modernization
Forrester estimates a composite organization achieved 312% ROI and a Net Present Value of $10.1M with the ¶ºÒõ¹Ý ONE platform.
Read the Forrester TEI Study >
The Business Case for PKI Modernization
Forrester estimates a composite organization achieved 312% ROI and a Net Present Value of $10.1M with the ¶ºÒõ¹Ý ONE platform.
Read the Forrester TEI Study - Support
- Contact us
-
Language
Certificate Inspector
03-01-2016
Flavio
Preventing the DROWN Attack
Researchers recently uncovered the . DROWN stands for Decrypting RSA with Obsolete and Weakened encryption. It affects HTTPS and other services that rely on the SSL and TLS protocols.
Attackers can use the DROWN vulnerability to break the encryption that is used to protect your sensitive data from prying eyes. If the encryption is broken, attackers can read/steal your sensitive communications (e.g., passwords, financial data, and emails). In some situations, attackers may also be able to impersonate trusted websites.
Are You Vulnerable to the DROWN Attack?
It is estimated that 22% of servers may be vulnerable to the DROWN attack. If you have a website, mail server, and other services that rely on TLS, you may be susceptible to this attack as well.
To check a website or a public facing server to see if it supports SSL v2, you can use tools such asÌý ¶ºÒõ¹Ý® SSL Installation Diagnostics Tool. To check all the servers in your network (public and private) for SSL v2 support, you can use tools such as ¶ºÒõ¹Ý® Certificate Inspector.
Mitigating the DROWN Attack
If you discover that you have servers or services that still support SSL v2, the fix is straightforward: disable SSL v2.
- OpenSSL: If you are using OpenSSL, the easiest solution is to upgrade to recently released versions of . You should also upgrade to these if you are still using one of the older (no longer supported) versions of OpenSSL.
- Microsoft IIS: If you are using IIS 7 or newer, SSL v2 is disabled by default. If you manually enabled support for SSL v2, go back and disable it. If you are running older (no longer supported) version of IIS, then upgrade to IIS version 7 or newer.
- Network Security Services (NSS): If you are using NSS 3.13 or newer, SSL v2 is disabled by default. If you manually enabled support for SSL v2, you need to go back and disable it. If you are using an older version of NSS, simply upgrade to NSS 3.13 or newer.
- Apache, Nginx, etc.: If your servers support SSL v2, you need to disable support for it.
Featured Stories
-
The most-trusted global provider of high-assurance TLS/SSL, PKI, IoT and signing solutions.Ìý
-
© 2025 ¶ºÒõ¹Ý. All rights reserved.
Legal Repository Audits & Certifications Terms of Use Privacy Center Accessibility Cookie Settings