Ebuka John Onyejegbu

0 %
Ebuka John Onyejegbu
Red Teamer
Incidence Responder
SANS GCIH | OSCP
  • Residence:
    Nigeria
  • City:
    Lagos
Batch
Bash
Powershell
html
CSS
Js
PHP
WordPress
  • Linux, Windows
  • Windows Server
  • Linux Server
  • Cloud, Azure, AWS, Oracle
0

No products in the cart.

SSL Medium Strength Cipher Suites Supported (SWEET32) on Linux RedHat

February 23, 2022

Sometimes the blue teams are tasked with resolving this vulnerability which can fall into the Medium or High Vulnerability.

This is caused by using weak cipher suites.

 

go ahead and run the below to fix.

nano /etc/httpd/conf.d/ssl.conf

you can set the below

SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH: !aNULL: !MD5
SSLHonorCipherOrder on

Here are the explanations

SSLProtocol
Use this directive to specify the version of TLS(or SSL) you want to allow

SSLCipherSuite
Use ths directive to specify your preferred cipher suite or disable the ones you want to disallow.

SSLHonorCipherOrder
Uncomment and set this directive to on to ensure the connecting clients adhere to the order of ciphers you specified.

Posted in Vulnerability RemediationTags:
Write a comment