kanotix.com

General Support - SSL Labs Gives kanotix.com An F

damentz - 28.08.2023, 03:04 Uhr
Titel: SSL Labs Gives kanotix.com An F
https://www.ssllabs.com/ssltest/analyze ... anotix.com

Below are all the issues.

Zitat:
This server supports SSL 2, which is obsolete and insecure, and can be used against TLS (DROWN attack). Grade set to F.
This server supports insecure cipher suites (see below for details). Grade set to F.
This server supports insecure Diffie-Hellman (DH) key exchange parameters (Logjam). Grade set to F.
This server supports 512-bit export suites and might be vulnerable to the FREAK attack. Grade set to F.
This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C.
This server does not mitigate the CRIME attack. Grade capped to C.
The server supports only older protocols, but not the current best TLS 1.2 or TLS 1.3. Grade capped to C.
This server accepts RC4 cipher, but only with older protocols. Grade capped to B.
There is no support for secure renegotiation.
This server does not support Forward Secrecy with the reference browsers. Grade capped to B.
This server does not support Authenticated encryption (AEAD) cipher suites. Grade capped to B.
This server supports TLS 1.0. Grade capped to B.

DeepDayze - 28.08.2023, 03:36 Uhr
Titel: RE: SSL Labs Gives kanotix.com An F
There seems to have been no updates to the site in a long time.
damentz - 28.08.2023, 15:54 Uhr
Titel: RE: SSL Labs Gives kanotix.com An F
That's an understatement, from SSL Labs, the HTTP signature:
Code:
Apache/2.2.3 (Debian) PHP/5.2.0-8+etch16 mod_ssl/2.2.3 OpenSSL/0.9.8c


Debian Etch had its last update in 2010. This is negligent, I'd assume this server has been compromised for years and is part of a botnet.
Alle Zeiten sind GMT + 1 Stunde
PNphpBB2 © 2003-2007