I confirm that this is a BUG in the current version.The SSL listeners on
the WEB ports are not save against BEAST.
This concerns not to the SMTP SSL/TLS connections if you use the right SSL
settings.
I'll correct this in the next V2 version!
Thomas
Von:"Ethical Host - John MacKenzie"
A
beast.pl expects to see the string 'RC4' in the used ciffer list using
TLSv1!
Thomas
Von:"Ethical Host - John MacKenzie"
An: ,
Datum: 25.07.2013 20:29
Betreff:[Assp-user] how to change the SSL cipher to mitigate beast
Sorry for the delay, I wanted to update the status of
Sorry for the delay, I wanted to update the status of this issue, as I did
set the ssl_cipher_list in ASSP, I thought it worked for setting the cipher
on SMTP (see below appears not now), but it does not appear to affect the
https: connections on port 5 and 3 for the web interface? I don
