TLS hardening for swh2.inria.fr:25
Closed, MigratedEdits Locked
Actions

Assigned To

Authored By

	zack
	Feb 23 2016, 4:03 PM

Description

Quoting from Message-ID: <72684173.18718198.1456232083286.JavaMail.zimbra@inria.fr> (by Laurent)

Notre système de scan de vulnérabilités et anomalies sécurité automatique relève une configuration TLS
trop faible sur le port 25 de swh2.inria.fr.

Par exemple :
51192 - SSL Certificate Cannot Be Trusted       [-/+]
57582 - SSL Self-Signed Certificate     [-/+]
42873 - SSL Medium Strength Cipher Suites Supported     [-/+]
65821 - SSL RC4 Cipher Suites Supported (Bar Mitzvah)   [-/+]
26928 - SSL Weak Cipher Suites Supported        [-/+]
83738 - SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam)   [-/+]
81606 - SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Supported (FREAK)   [-/+]
83875 - SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)
Je pense que vous pouvez vite y palier :

avec un "vrai" certificat (vous y avez droit maintenant BTW ?)

avec du hardening basique de la partie TLS.

Event Timeline

zack created this task.Feb 23 2016, 4:03 PM

Herald added a project: Staff. · View Herald TranscriptFeb 23 2016, 4:03 PM

zack removed projects: System administrators, Staff.Mar 10 2016, 5:53 PM

zack added a project: System administration.Apr 1 2016, 10:21 AM

olasd changed the visibility from "All Users" to "Public (No Login Required)".May 13 2016, 5:08 PM

zack closed this task as Wontfix.Oct 4 2018, 12:32 PM

zack claimed this task.

This task has been migrated to GitLab.

TLS hardening for swh2.inria.fr:25Closed, MigratedEdits LockedActions

Description

Event Timeline

TLS hardening for swh2.inria.fr:25
Closed, MigratedEdits Locked
Actions