TLS Vulnerabilities.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

TLS Vulnerabilities.

L1 Bithead

Hi

 

I am running Minemeld on Ubuntu 16.04

 

The server is starting to show up in Vulnerability Scans depsite updating Ubuntu.

 

This is a list of the Vulnerbilties.

 

TLS Server Supports TLS version 1.0
TLS Server Supports TLS version 1.1
Diffie-Hellman group smaller than 2048 bits
TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32)
TLS/SSL Server Supports 3DES Cipher Suite
TLS/SSL Server Is Using Commonly Used Prime Numbers
TLS/SSL Server Supports The Use of Static Key Ciphers
TLS/SSL Server is enabling the BEAST attack

 

I suspect therefore the Minemeld may rely on some of the above?

 

Is there anyway i can resolve these vulnerabilities without detrimentally impacting Minemeld?

 

Regards

 

Stu

1 REPLY 1

L7 Applicator

Hi @Stuart_Walton ,

all the TLS settings are defined in the nginx config. You can safely change the nginx config to apply your TLS best practices.

 

Luigi

  • 4578 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!