Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
tavi0906
Contributor

weak ssl/tls key exchange on sms

we have flagged on vulnerability on sms as weak ssl/tls key exchange on port 19009

solution

change the SSL/TLS server configuration to only allow strong key exchanges. Key exchanges used on the server should provide at least 112 bits of
security, so the minimum key size to not flag this QID should be:
2048 bit key size for Diffie Hellman (DH) or RSA key exchanges
224 bit key
size for Elliptic Curve Diffie Hellman (EDCH) key exchanges.

 

here my question can we change the settings accordingly on above solution ? even its on port 19009 ?

 

if yes, how ?

 

0 Kudos
2 Replies
_Val_
Admin
Admin

Assuming you are running one of the supported versions, please look into sk181879

0 Kudos
tavi0906
Contributor

currently we are on version is R80.20 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events