Christophe Carles
2017-06-27 14:13:28 UTC
Hello,
I use perdition as a proxy-imap server.
After check vulnerabilty with openvas, i found that my perdition
configuration as some vulnerabilty with anonymous and weak cipher suite.
Vulnerabilty Detection result :
Anonymous cipher suites accepted via TLSv1.0, TLSv1.1, TLSv1.2:
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
TLS_ECDH_anon_WITH_RC4_128_SHA
Weak cipher suites accepted via TLSv1.0, TLSv1.1, TLSv1.2:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDH_anon_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_SEED_CBC_SHA
I haven't found in the man perdition how to disable these cipher suite.
As anyone have an idea how to make it ?
Thanks
NB : I use perdition 2.2-16.4
--
Christophe Carles
CNRS - CBI
Service Informatique
Bât. IBCG
118, route de Narbonne
31062 Toulouse Cedex9
***@ibcg.biotoul.fr
Tél : 05.61.33.59.60
Fax : 05.61.33.58.86
I use perdition as a proxy-imap server.
After check vulnerabilty with openvas, i found that my perdition
configuration as some vulnerabilty with anonymous and weak cipher suite.
Vulnerabilty Detection result :
Anonymous cipher suites accepted via TLSv1.0, TLSv1.1, TLSv1.2:
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
TLS_ECDH_anon_WITH_RC4_128_SHA
Weak cipher suites accepted via TLSv1.0, TLSv1.1, TLSv1.2:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDH_anon_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_SEED_CBC_SHA
I haven't found in the man perdition how to disable these cipher suite.
As anyone have an idea how to make it ?
Thanks
NB : I use perdition 2.2-16.4
--
Christophe Carles
CNRS - CBI
Service Informatique
Bât. IBCG
118, route de Narbonne
31062 Toulouse Cedex9
***@ibcg.biotoul.fr
Tél : 05.61.33.59.60
Fax : 05.61.33.58.86