jcrodriguez-dis
commented
3 years ago Resolved in V2.6 adding SSL_CIPHER_LIST parameter See https://vpl.dis.ulpgc.es/documentation/vpl-jail-system-2.6.0/configuration.html#ssl-cipher-list
Open mtalero-20 opened 4 years ago
jcrodriguez-dis
commented
3 years ago Resolved in V2.6 adding SSL_CIPHER_LIST parameter See https://vpl.dis.ulpgc.es/documentation/vpl-jail-system-2.6.0/configuration.html#ssl-cipher-list
Puedo des habilitar suite de cifrado desde vpl-jail-system.conf ya que presentan vulnerabilidades en el servidorweb.
DES, 3DES, IDEA or RC2 ciphers (Remote attackers can obtain cleartext data via a birthday attack against a long-duration encrypted session.) RC4-SHA, RC4-MD5,(RC4 should not be used where possible. One reason that RC4(Arcfour) was still being used was BEAST and Lucky13 attacks against CBC mode ciphers in SSL and TLS)