Difference between Client SSL and end to end SSL [closed] - security

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
We are asked to enable https for our website. While we contact our infrastructure team, they were asking which kind of SSL is required either "Client SSL" or "end to end SSL". Could anyone tell the differenece between these two, so that I can answer to the team?

I think you must have understood their question wrong:
all SSL/TLS for web sites (i.e. HTTPS) is end-to-end
but you might differ between the cases where only the server has the certificate to identity itself or the client has a certificate too, which can be used to authenticate the client at the server.

Related

How to enable SSL3 and disable SSL2 via putty? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
Can anybody give me some reference or steps for how we can disable the SSL2 and enable SSL3 for linux machine via putty. I am totally unaware of it. So need help..!!!
Putty uses SSH not SSL. Thus disabling SSLv2 and SSLv3 is not possible because they are not in use.

How to prevent from DOS attacks? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I live in a college hostel, some other guys do the DOS attacks on rest computers.
The PC gets hanged, CPU uses becomes 100%.
Please help me to prevent from such attacks.
A more elaborate solution would be to put some sort of firewall between you and the rest of your network. and if you now where the attacks are coming from, meaning which ip(s) send the traffic you can block those so your computer doesn't even treat them.

Is SSL not secure any more? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
acording to this link https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160 is SSL not secure any more?
additional link: http://heartbleed.com/
SSL as a protocol is still secure. That bug exists in OpenSSL, which is one implementation of SSL but not the only one.
As a parallel, imagine if a bug was found in Internet Explorer. You wouldn't as a result then say "web browsing is not secure any more" - there are plenty of other web browsers, and they haven't suddenly become insecure because Internet Explorer had a bug.

Is it safe to email SSL certificates? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
When I purchase SSL certificates, I submit the CSR securely through the vendor's website. The vendor then emails me the certificate that I need to install on my server.
Is it safe to email the certificate like that? For example, if someone intercepted the email with my certificate, could they compromise/decrypt my SSL?
If so, what's the safest way to get the certificate from my vendor on to my server?
Yes, it's safe. You need to protect the private key that corresponds to the public key in the certificate.
The certificate is public; when you install it, it will be sent to everyone that connects as part of the process to authenticate your server.

Was my website hacked? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I am using a company called web-stat to watch for people visiting our website and noticed an entry page of "127​.0​.0​.1:4664/preview" rather than the url of the website or the url of a page.
Does this mean that someone has or is trying to hack our website?
Thanks
Requests to 127.0.0.1:4664/preview are likely from Google Desktop.
Security information about Google Desktop at SMB Security
To know for sure, you should inspect the TCP conversation and source endpoint to observe what exactly is making the requests.

Resources