this post was submitted on 14 Nov 2024
 
The original post: /r/cybersecurity by /u/Square_Classic4324 on 2024-11-14 05:08:11.

I have a question about encryption-in-transit services such as SSH. On the client side I've edited the conf files to 1) prioritize allowed ciphers and 2) block obsolete ciphers.

But the vulnerability scanning results still come back with tons of insecure cipher findings. Is that because the vuln scanning tools are trying to negotiate a connection themselves rather than using what is on the client?

Do I have to edit the server conf as well to suppress these findings? The findings are getting executive attention and at this point I just want to make it go away even though there's no chance of a client actually being able to initiate a connection with an excluded cipher.

Thank you
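Added example, not part of the original post: in SSH each side sends its own algorithm lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1), so a scanner that connects to the SSH port reads the server's list and never sees the client's conf files. The sketch below parses a server KEXINIT payload and reports flagged ciphers; the `FLAGGED` set, the helper names and both sample payloads are constructed assumptions, not any scanner's actual policy.

```python
import struct

# Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ["kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]

# Assumption: illustrative deny-list, not a specific scanner's rule set.
FLAGGED = {"3des-cbc", "aes128-cbc", "aes192-cbc", "aes256-cbc", "arcfour"}

def build_kexinit(lists):
    """Build a KEXINIT payload; used here only to construct sample input."""
    out = bytes([20]) + bytes(16)                  # message type 20 + 16-byte cookie
    for field in FIELDS:
        body = ",".join(lists.get(field, [])).encode("ascii")
        out += struct.pack(">I", len(body)) + body  # name-list: uint32 length + names
    return out + b"\x00" + struct.pack(">I", 0)    # first_kex_packet_follows, reserved

def parse_kexinit(payload):
    """Return the ten name-lists a peer advertises in its KEXINIT."""
    if len(payload) < 17 or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, parsed = 17, {}
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (length,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + length > len(payload):
            raise ValueError("truncated name-list body")
        raw = payload[pos:pos + length].decode("ascii")
        parsed[field] = raw.split(",") if raw else []
        pos += length
    return parsed

def flagged_ciphers(payload):
    """Ciphers in either direction of the server's offer that are on the deny-list."""
    parsed = parse_kexinit(payload)
    return sorted(set(parsed["enc_c2s"] + parsed["enc_s2c"]) & FLAGGED)

# Constructed samples: a server offering legacy ciphers, then the same server
# after its own cipher list has been restricted.
MODERN = ["chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com", "aes128-ctr"]
LEGACY = MODERN + ["aes128-cbc", "3des-cbc"]
SERVER_BEFORE = build_kexinit({"enc_c2s": LEGACY, "enc_s2c": LEGACY})
SERVER_AFTER = build_kexinit({"enc_c2s": MODERN, "enc_s2c": MODERN})

if __name__ == "__main__":
    print("before:", flagged_ciphers(SERVER_BEFORE))
    print("after: ", flagged_ciphers(SERVER_AFTER))
```
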
