About jsalgado2001

jsalgado2001 · 02-08-2016

I'm new to these ESAs C170s and one of our guys ran a scan and it came up with "SSL weak cipher vulnerability". Looking in the GUI under System Administration > SSL Configuration I see SSL v3 enabled. Also via the CLI: sslconfig settings: GUI HTTPS ...

jsalgado2001 · 01-07-2016

I came into an environment where they have a C170 on firmware 9.7.0-125. I am not familiar with these devices so please explain in detail if you have any suggestions. When sending an outbound Exchange 2010 calendar appointment to another organizatio...

jsalgado2001 · 03-25-2016

I did see those errors as well but also saw the "no shared cipher" error. I'm a cipher newb and don't know much about all this stuff. Still learning. SSLLabs has a document and it states: 3DES provides about 112 bits of security. This is below the ...

jsalgado2001 · 03-25-2016

Normally what I've been doing is grepping the ip address and then doing a grep on the icid and it will show a "no shared cipher" error. I take a sceenshot and email it to them. Most of the time that works.

jsalgado2001 · 03-24-2016

I've had 4 external companies I've had to work with now due to "no shared cipher" problems. Most all of them were running Exchange 2007 on Server 2003. Having them run this patch will enable them to handshake using AES128-SHA or AES256-SHA https:/...

jsalgado2001 · 02-17-2016

Doug - Thank you very much. We made the same changes and our scan came back clean now.

jsalgado2001 · 02-16-2016

why not add :!SSLv2:!SSLv3 to the inbound and outbound that Doug posted as well just to make sure they are not used (even though I have them unchecked)

Member Since	‎01-07-2016 09:45 AM
Date Last Visited	‎08-18-2017 03:54 AM
Posts	14

User Statistics

User Activity

Scan revealed weak ssl cipher.

Disclaimer and Meeting requests sent as attachments

I did see those errors as

Normally what I've been doing

I've had 4 external companies

Doug - Thank you very much.

why not add :!SSLv2:!SSLv3 to