Re: [mod-security-users] https://www.modsecurity.org/ TLS 1.0

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Agreed more stupid people in US.

But also didn't China like murder upwards of 1 million Uyghurs over the
last 12 months + harvest their organs while alive in Xinjiang?

Supposedly they used ECMO machines to harvest them. It's a device which
keeps you alive and partially frozen while they take all of your organs...

Lol it's like the new Holocaust

On Fri, Mar 13, 2020 at 8:13 AM Reindl Harald <h.r...@th...>
wrote:

>
>
> Am 13.03.20 um 13:36 schrieb Dan Ehrlich via mod-security-users:
> > It's probably a Chinese front company and they did it on purpose
>
> stop this china bullshit when it's proven that the biggest idiots are
> located in the united states, not only in this but also in this case
>
> https://www.trustwave.com/en-us/
> "Cybersecurity and Managed Security Services | Trustwave" - *loool*
>
> Name:   modsecurity.org
> Address: 204.13.200.240
>
> NetRange:       204.13.200.0 - 204.13.203.255
> CIDR:           204.13.200.0/22
> NetName:        NET-204-13-200-0-1
> NetHandle:      NET-204-13-200-0-1
> Parent:         NET204 (NET-204-0-0-0-0)
> NetType:        Direct Assignment
> OriginAS:       AS33151
> Organization:   Trustwave Holdings, Inc. (TRUST-7)
>
> > On Fri, Mar 13, 2020 at 6:24 AM Reindl Harald <h.r...@th...
> > <mailto:h.r...@th...>> wrote:
> >
> >
> >
> >     Am 13.03.20 um 03:13 schrieb Reindl Harald:
> >     > Am 12.03.20 um 22:57 schrieb az...@po... <mailto:
> az...@po...>:
> >     >> Citát Reindl Harald <h.r...@th...
> >     <mailto:h.r...@th...>>:
> >     >>
> >     >>> Am 12.03.20 um 17:57 schrieb Reindl Harald:
> >     >>>> https://www.modsecurity.org/
> >     >>>>
> >     >>>> seriously?
> >     >>>>
> >     >>>> it's not a breaking news that firefox and other browsers are
> >     planning
> >     >>>> disable TLS1.0/1.1 for many months
> >     >>>
> >     >>> https://i.imgur.com/wC4IJbs.png shows the by far the dumbest
> >     webserver
> >     >>> setup i have faced in the past 15 years
> >     >>>
> >     >>> The server supports only older protocols, but not the current
> >     best TLS
> >     >>> 1.2. Grade capped to C.
> >     >>>
> >     >>> This server accepts RC4 cipher, but only with older protocols.
> Grade
> >     >>> capped to B.
> >     >>>
> >     >>> This server does not support Forward Secrecy with the reference
> >     >>> browsers. Grade capped to B.
> >     >>>
> >     >>> This server does not support Authenticated encryption (AEAD)
> cipher
> >     >>> suites. Grade capped to B.
> >     >>>
> >     >>> This server supports TLS 1.0. Grade capped to B.
> >     >>>
> >     >>> ------------------------
> >     >>>
> >     >>> and yes *i know* that we are *currently* Grade B because
> >     *allowing* TLS
> >     >>> < 1.2 for now for a short time to redirect support calls of
> >     endusers as
> >     >>> dumb as your webadmins to somewhere else
> >     >>
> >     >>
> >     >> Hi guys,
> >     >>
> >     >> i can setup it for you, contact me if you are interested, i have
> >     almost
> >     >> 20 years of experiences with linux administration focusing on
> >     security.
> >     >
> >     > a trained monkey can setup whatever webserver supporting TLS 1.2
> >     and the
> >     > main question is what nonsense one needs to to for such a result
> >     with no
> >     > TLS 1.2 and no ECDHE
> >     >
> >     > https://www.trustwave.com/en-us/
> >     > "Cybersecurity and Managed Security Services | Trustwave" - *loool*
> >     >
> >     > Name:   modsecurity.org <http://modsecurity.org>
> >     > Address: 204.13.200.240
> >     >
> >     > NetRange:       204.13.200.0 - 204.13.203.255
> >     > CIDR:           204.13.200.0/22 <http://204.13.200.0/22>
> >     > NetName:        NET-204-13-200-0-1
> >     > NetHandle:      NET-204-13-200-0-1
> >     > Parent:         NET204 (NET-204-0-0-0-0)
> >     > NetType:        Direct Assignment
> >     > OriginAS:       AS33151
> >     > Organization:   Trustwave Holdings, Inc. (TRUST-7)
> >     > RegDate:        2005-05-04
> >     > Updated:        2012-02-24
> >     > Ref:            https://rdap.arin.net/registry/ip/204.13.200.0
> >
> >     besides that it's a shame that Trustwave don't run automated security
> >     audits nor is able to respond here and it's hard to take a secruity
> >     company serious acting that incompetent
> >
> >     let me guess: the funny clown who modified the "Server" headerand
> nobody
> >     cas a clue what that guy all changed and why....
> >
> >     [harry@srv-rhsoft:~]$ curl --head https://www.modsecurity.org/
> >     HTTP/1.1 200 OK
> >     Date: Fri, 13 Mar 2020 11:20:13 GMT
> >     Server: What-Chu-Talkin'-Bout-Willis?/Arnold Drummondv.1.0
> >     Accept-Ranges: bytes
> >     Content-Length: 5605
> >     Connection: close
> >     Content-Type: text/html; charset=ISO-8859-1
>
>
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/
>