Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm new to these ESAs C170s and one of our guys ran a scan and it came up with "SSL weak cipher vulnerability".
Looking in the GUI under System Administration > SSL Configuration I see SSL v3 enabled.
Also via the CLI:
sslconfig settings: GUI HTTPS ...
I came into an environment where they have a C170 on firmware 9.7.0-125. I am not familiar with these devices so please explain in detail if you have any suggestions.
When sending an outbound Exchange 2010 calendar appointment to another organizatio...
I did see those errors as well but also saw the "no shared cipher" error. I'm a cipher newb and don't know much about all this stuff. Still learning.
SSLLabs has a document and it states:
3DES provides about 112 bits of security. This is below the ...
Normally what I've been doing is grepping the ip address and then doing a grep on the icid and it will show a "no shared cipher" error. I take a sceenshot and email it to them. Most of the time that works.
I've had 4 external companies I've had to work with now due to "no shared cipher" problems. Most all of them were running Exchange 2007 on Server 2003.
Having them run this patch will enable them to handshake using AES128-SHA or AES256-SHA
https:/...
why not add :!SSLv2:!SSLv3 to the inbound and outbound that Doug posted as well just to make sure they are not used (even though I have them unchecked)
