Ted Byers wrote on Fri, Jul 24 2015 at 3:51 pm: > First, the scanner complains that TLS1 is supported and we need to restrict > it to TLS1.2.
> Second, it appears that ssh-server on pfsense is version 6.6 Is this an internal scan or external? Hopefully those aren't exposed externally. If internal, can access be limited to certain IPs? This probably isn't the forum to discuss, but the TLS 1.0 one is a fun one...that will catch Remote Desktop Services, and Vista and below don't support TLS 1.1+ period, and Windows 7 with IE10 or earlier don't have TLS 1.1+ enabled by default. -- Steve Yates ITS, Inc. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold