Question : SSL Medium Strength Cipher Suites Supported

how to fix this, im using win2k3

Synopsis :

The remote service supports the use of medium strength SSL ciphers.

Description :

The remote host supports the use of SSL ciphers that offer medium
strength encryption, which we currently regard as those with key
lengths at least 56 bits and less than 112 bits.

Solution :

Reconfigure the affected application if possible to avoid use of
medium strength ciphers.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Plugin output :

Here are the medium strength SSL ciphers supported by the remote server :

Medium Strength Ciphers (>= 56-bit and < 112-bit key)
SSLv3
EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
TLSv1
EDH-RSA-DES-CBC-SHA Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}


Nessus ID : 42873

Answer : SSL Medium Strength Cipher Suites Supported

This EE post may be helpful to you.

http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/SSL/Q_24245994.html
Random Solutions  
 
programming4us programming4us