In-Reply-To: <[EMAIL PROTECTED]>
Patrick,
You can specify which levels you would like your webserver to communicate
at, I'm not sure which webserver your running, so I'll give you an example
of my ssl.conf for apache.
SSLProtocol -ALL +SSLv3 +TLSv1
#SSLCipherSuite
ALL:ADH:EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCipherSuite ALL:!aNULL:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
As you can see I've modified the original SSLCipherSuite to ensure what I
feel is a more secure choice.
Hope this helps,
Nick
>Greetings,
>
> I would like to know what are the permited (and deny) encryption Level
on a
>Web Site.
>
> Nessus tell me that my target host accept 40 bit, 56 bits and 128 bits
>encryptions..
>
>I would like to know how that information was obtained?
>
>How can i get that information?(Without using Nessus) In Linux and
Windows ?
>
>Thank you.
>--
>Patrick Boucher
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
