Hello and welcome to the Monday, February 10th,

2025 edition of the Sands and its Storm Center's Stormcast.

My name is Johannes Ulrich,

and I'm recording from Jacksonville, Florida.

Today, as I'm recording this,

it's also the 16th anniversary of this podcast.

Started all February 9th, 2005. Didn't actually realize it's already that long

running. Hope also enjoyed. Actually, thanks for some of the feedback that I've gotten based

on my request on Friday. But well, it's not just the podcast that's having its birthday today. So does SSL version 2 and Jan on

Friday took a closer look at how many SSL version 2 servers are still connected to the internet.

The absolute number may surprise people. It's 423,000 IP addresses, according to Shodan.

Well, however, it is really only a very minuscule percentage of all the HEP servers exposed to

internet in total. So I think this 400,000 number sounds a bit more scary than actually is.

However, one thing that John points out is if you are finding a web server that still supports

SSL version 2 in your environment, we're talking about SL version 2, not SSL version 3,

chances are that this web server is overall running very out-of-date software.

The protocol SL version 3 started to be deprecated 14 years ago in 2011.

So that essentially means that this particular device, this particular software, has not really

received any major updates for at least a decade. With that in mind, if you do find any of

these devices, let me actually know what you find. I have to take a closer look at the

showdown data. I suspect a lot a closer look at the Showdown data.

I suspect a lot of things like webcams and such

...