topic Re: SSL Medium Strength Cipher Suites Supported in General Topics

SSL Medium Strength Cipher Suites Supported

Wang — Thu, 14 Feb 2019 05:59:09 GMT

What about a list of moderately strong SSL passwords? Can someone help me?
42873 - SSL Medium Strength Cipher Suites Supported
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}

Re: SSL Medium Strength Cipher Suites Supported

Tor-Erik_Ones — Thu, 14 Feb 2019 09:03:17 GMT

I think yuo have to explain what you are trying to do

Re: SSL Medium Strength Cipher Suites Supported

Wang — Thu, 14 Feb 2019 09:27:10 GMT

This is the vulnerability scanned by the scanning software?
I would like to ask what is the reason and what is the solution?

Re: SSL Medium Strength Cipher Suites Supported

Wang — Thu, 14 Feb 2019 09:30:13 GMT

I am looking forward to your reply. Thank you very much!

Re: SSL Medium Strength Cipher Suites Supported

Timothy_Hall — Thu, 14 Feb 2019 12:51:02 GMT

See these SKs:

sk120774: Vulnerability scan shows that there are weak ciphers related to TLS 1.2

sk82900: Security Audit indicates Firewall vulnerable to Weak Ciphers

sk123351: Vulnerability scan shows port 18194 has weak certificate ciphers (3DES)

sk100647: Check Point response to common false positives scanning results

--
"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com

Re: SSL Medium Strength Cipher Suites Supported

66790fe4-98ef-4 — Mon, 22 Jul 2019 15:37:58 GMT

I wish people would take a little more time in their answers to specific questions. Just pointing everyone to KB articles is equivalent to one tick above zero effort. I can search and find KB articles, read them and as long as they are well written understand them. But if that were the case, there would be no need for these BB sites would there? If one takes the time to answer these queries, the least they can do is to summarize the articles, otherwise all your help is merely rudimentary skills, and I cannot see how people would give a thumbs up to these replies, unless of course the learner is too lazy to look this up themselves.

Re: SSL Medium Strength Cipher Suites Supported

Raman_Arora — Mon, 26 Oct 2020 10:51:11 GMT

@Timothy_Hall Do CP have any published sk on Qualys scan - QID - 38142 - SSL Server Allows Anonymous Authentication Vulnerability?

"CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE
TLSv1 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH
TLSv1.1 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH
TLSv1.2 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH"

Re: SSL Medium Strength Cipher Suites Supported

cstaffbrad — Wed, 03 Nov 2021 12:28:19 GMT

Any suggestion on above question please, I think we have the same issue.

Re: SSL Medium Strength Cipher Suites Supported

_Val_ — Wed, 03 Nov 2021 12:46:39 GMT

What is "the same issue" in your case, can you elaborate? This thread is two years old, it may not be relevant to your case. Please specify in more details, thanks.