Internet Security Components - COM, ActiveX and .NET

'The DROWN' Attack vulnerability - WeOnlyDo Discussion board

Linear

Is wodSSH.NET, WeOnlyDo.Client.FTP affected by the Drown Attack vulnerability? I am using v2.6 and 1.7 versions respectively.
If affected, is there a hotfix or a patch available to overcome this vulnerability?

locked

3671 views

Hi.

Since DROWN is related to SSL/TLS, wodSSH.NET is not vulnerable (different protocol).

As for wodFtpDLX.NET, it depends on the server if it has enabled SSLv2 or not. You can enforce use of TLS through SecureMethod property

SslProtocols

so from client's perspective you don't even give ability for SSLv2 to be used.

I hope this helps!
Jasmine

locked

3755 views

Just thought you'd like to know that my gateway app with your SMTP Server component held the line against a DDOS attack today...

Chris Langsenkamp

Clever Technologies

...with WOD's excellent support I was able to bypass Winsock and focus on the task at hand...

Sander Pool

Rhapsody Networks

The SFTP ocx is one of the finest pieces of programming I have seen. It worked out of the box...

Kenneth R. Robinette

InterSoft International

Thank you very much for the rapid responses. I was a little nervous about dealing with a company that is on a different continent from me. You have proven my concerns to be unfounded.

Robert Pacheco

Surebridge, Inc.