This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Wang
Collaborator
‎2019-02-13 09:59 PM

SSL Medium Strength Cipher Suites Supported

  • What about a list of moderately strong SSL passwords? Can someone help me?

    42873 - SSL Medium Strength Cipher Suites Supported
    Here is the list of medium strength SSL ciphers supported by the remote server :

    Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

    EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
    ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1
    DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1

    The fields above are :

    {OpenSSL ciphername}
    Kx={key exchange}
    Au={authentication}

8 Replies
Tor-Erik_Ones
Participant
‎2019-02-14 01:03 AM

I think yuo have to explain what you are trying to do

0 Kudos
Wang
Collaborator
‎2019-02-14 01:27 AM
In response to Tor-Erik_Ones

  • This is the vulnerability scanned by the scanning software?

    I would like to ask what is the reason and what is the solution?

0 Kudos
Wang
Collaborator
‎2019-02-14 01:30 AM
In response to Tor-Erik_Ones

  • I am looking forward to your reply. Thank you very much!

0 Kudos
Timothy_Hall
Legend Legend
Legend
‎2019-02-14 04:51 AM
In response to Wang

See these SKs:

sk120774: Vulnerability scan shows that there are weak ciphers related to TLS 1.2

sk82900: Security Audit indicates Firewall vulnerable to Weak Ciphers

sk123351: Vulnerability scan shows port 18194 has weak certificate ciphers (3DES)

sk100647: Check Point response to common false positives scanning results

--
"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
66790fe4-98ef-4
Explorer
‎2019-07-22 08:37 AM
In response to Timothy_Hall

I wish people would take a little more time in their answers to specific questions. Just pointing everyone to KB articles is equivalent to one tick above zero effort. I can search and find KB articles, read them and as long as they are well written understand them. But if that were the case, there would be no need for these BB sites would there? If one takes the time to answer these queries, the least they can do is to summarize the articles, otherwise all your help is merely rudimentary skills, and I cannot see how people would give a thumbs up to these replies, unless of course the learner is too lazy to look this up themselves.

0 Kudos
Raman_Arora
Contributor
‎2020-10-26 03:51 AM
In response to Timothy_Hall

@Timothy_Hall Do CP have any published sk on Qualys scan - QID - 38142 - SSL Server Allows Anonymous Authentication Vulnerability?


"CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE
TLSv1 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH
TLSv1.1 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH
TLSv1.2 SUPPORTS CIPHERS WITH NO AUTHENTICATION
ADH-AES128-SHA DH None SHA1 AES(128) MEDIUM
ADH-AES256-SHA DH None SHA1 AES(256) HIGH"

 

0 Kudos
cstaffbrad
Explorer
‎2021-11-03 05:28 AM
In response to Raman_Arora

Any suggestion on above question please, I think we have the same issue.

0 Kudos
_Val_
Admin
Admin
‎2021-11-03 05:46 AM
In response to cstaffbrad

What is "the same issue" in your case, can you elaborate? This thread is two years old, it may not be relevant to your case. Please specify in more details, thanks.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events