addis_a
October 19, 2014, 11:50pm
1
i just noticed several entries in the main nginx log here that are:
[error] 28042#0: *12244 inflate() failed: -5 while processing SPDY,
client:
xx.xx.xx.xx, server: 0.0.0.0:443
anyone know what this is caused by? i haven’t found anything in the
search
engines that relate yet
Posted at Nginx Forum:
i just noticed several entries in the main nginx log here that are: [error] 28042#0: *12244 inflate() failed: -5 while processing SPDY, client: xx.xx.xx.xx, server: 0.0.0.0:443 anyone know what this is caused by? i haven't found anything in the...
tunist
October 19, 2014, 11:51pm
2
oh, and another:
*188425 SSL_do_handshake() failed (SSL: error:14094085:SSL
routines:SSL3_READ_BYTES:ccs received early) while SSL handshaking,
client:
xx.xx.xx.xx.xx, server: 0.0.0.0:443
is this maybe a result of hackers attempting to break into the server?
Posted at Nginx Forum:
i just noticed several entries in the main nginx log here that are: [error] 28042#0: *12244 inflate() failed: -5 while processing SPDY, client: xx.xx.xx.xx, server: 0.0.0.0:443 anyone know what this is caused by? i haven't found anything in the...
tunist
October 20, 2014, 12:16am
3
CCS-scan probably, see
https://www.mare-system.de/guide-to-nginx-ssl-spdy-hsts/#ccs-early-changecipherspec-attack )
what openssl-version do you use?
cheers,
mex
Posted at Nginx Forum:
i just noticed several entries in the main nginx log here that are: [error] 28042#0: *12244 inflate() failed: -5 while processing SPDY, client: xx.xx.xx.xx, server: 0.0.0.0:443 anyone know what this is caused by? i haven't found anything in the...
tunist
October 20, 2014, 12:43am
4
hi tunist,
if you want to test your server for CCS-vuln you might use
or the testscript from https://testssl.sh/
when you prefer to test locally.
though when i run openssl version, i see: OpenSSL 1.0.1e-fips 11 Feb
2013 not sure why…!?
distros backport patched but usually dont ship new versions,
thus dont update version-numbers; same here, although
this system is fully patched
$ openssl version
OpenSSL 1.0.1e 11 Feb 2013
Posted at Nginx Forum:
i just noticed several entries in the main nginx log here that are: [error] 28042#0: *12244 inflate() failed: -5 while processing SPDY, client: xx.xx.xx.xx, server: 0.0.0.0:443 anyone know what this is caused by? i haven't found anything in the...
tunist
October 20, 2014, 12:34am
5
fedora 20 - latest version of openssl = 1:openssl-1.0.1e-40.fc20.x86_64
though when i run openssl version, i see: OpenSSL 1.0.1e-fips 11 Feb
2013
not sure why…!?
mex Wrote:
mex
Posted at Nginx Forum:
i just noticed several entries in the main nginx log here that are: [error] 28042#0: *12244 inflate() failed: -5 while processing SPDY, client: xx.xx.xx.xx, server: 0.0.0.0:443 anyone know what this is caused by? i haven't found anything in the...
tunist
October 20, 2014, 1:37am
6
thanks, yes - i just thought to do that before i read your reply. the
test
says my server is not vulnerable to the attack - so the bugfixes appear
to
have been integrated into the latest fedora version of openssl, even
though
running the openssl version command does not show this to be the case.
so i just put up with the regular error log entries for inflate?
mex Wrote:
though when i run openssl version, i see: OpenSSL 1.0.1e-fips 11
Feb
2013 not sure why…!?
distros backport patched but usually dont ship new versions,
thus dont update version-numbers; same here, although
this system is fully patched
$ openssl version
OpenSSL 1.0.1e 11 Feb 2013
Posted at Nginx Forum:
i just noticed several entries in the main nginx log here that are: [error] 28042#0: *12244 inflate() failed: -5 while processing SPDY, client: xx.xx.xx.xx, server: 0.0.0.0:443 anyone know what this is caused by? i haven't found anything in the...