Mailing List CGatePro@mail.stalker.com Message #107007
From: Gib Henry gib@gibhenry.com <CGatePro@mail.stalker.com>
Subject: SSL Analyzer reveals CGP vulnerabilities
Date: Sat, 10 Nov 2018 12:15:54 +0100
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>

I ran my test domain against Comodo’s SSL Analyzer and am puzzled about the results.  How can I close these vulnerabilities?  Cheers,


Gib Henry

Protocol Features / Problems
Secure Renegotiation (Client-initiated) Supported VULNERABLE (DoS)
Cipher Suites Enabled
Name (ID) Key Size (in bits)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6B) 256 DH 1024-bit WEAK (DH group size)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) 256 DH 1024-bit WEAK (DH group size)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) 128 DH 1024-bit WEAK (DH group size)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) 128 DH 1024-bit WEAK (DH group size)
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xC011) 128 ECDH 256-bit (P-256) WEAK (RC4)
TLS_RSA_WITH_RC4_128_SHA (0x5) 128 WEAK (RC4 )
TLS_RSA_WITH_RC4_128_MD5 (0x4) 128 WEAK (RC4 )
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xC012) 112 ECDH 256-bit (P-256) WEAK (3DES)
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16) 112 DH 1024-bit WEAK (3DES, DH group size

TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xA) 112 WEAK (3DES)
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster