Since I was looking the details how to tame the B.E.A.S.T.¬†(Browser Exploit Against SSL/TLS) once again, I thought I write a few lines down about it. The exploit actually was discovered last year by¬†Juliano Rizzo and Thai Duong. More details about the exploit can be found at h-online.com. To hinder the BEAST from attacking you, one way is to enable TLS 1.1 in your browser, but I plan to go another way.
I actually disable the vulnerable CBC modes. To archive this with apache and mod_ssl/mod_gnutls, do the following:
I found this information in the German IT-security forum over at XING.