SSH Server CBC Mode Ciphers & SSH Weak MAC Vulnerabilities Firesight

1003

Views

Helpful

Replies

I have a Firesight Management Server (2000) that manages various Firepower devices on my network. They are running the latest software versions.

My security auditor keeps flagging both the management server and the sensors for:

SSH Weak Algorithms enabled (MD5 & 96bit)

SSL 64bit block size ciphers (SWEET32 attack)

Is there any way to correct this through disabling certain ciphers, making modifications, etc.?

I do NOT want to lock myself out of my IPS system or damage the software.

thanks

0 Replies 0

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

November 21st: Weak ciphers being disabled for Umbrella and OpenDNS

‎10-11-2024 03:59 PM

‎05-29-2025 08:06 AM

‎09-25-2017 01:41 AM

‎03-20-2024 03:28 AM

‎01-26-2015 06:57 AM