RE: SSL vulnerability question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks.

-----Original Message-----
From: Matus UHLAR - fantomas [mailto:uhlar@xxxxxxxxxxx] 
Sent: Wednesday, October 20, 2010 3:54 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  SSL vulnerability question

> ----- "Denise Edwards" <Denise.Edwards@xxxxxxxxx> wrote:
> > Received security can results which had two issues:
> > 
> > 1-SSL Server Supports Weak Encryption Vulnerability
> > 
> > 2-SSL Server Has SSLv2 Enabled Vulnerability
[...]
> > - SSLCipherSuite property includes high, medium, low and SSLv2

On 18.10.10 17:25, Igor Galić wrote:
> And that's your problem.
> 
> 
> SSLProtocol TLSv1 SSLv3
> SSLCipherSuite RC4-SHA:AES256-SHA:ALL:!ADH:!MD5

I use:

SSLCipherSuite DEFAULT:!EXP:!LOW

you can list those by issuing:

openssl ciphers -v '<cipherlist>'

-- 
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was an Windows 95 beta test site.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

CONFIDENTIALITY NOTICE: The information in this Internet email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux