Metasploitable
Wed Mar 22 13:28:09 2017
Wed Mar 22 13:22:35 2017
heavy vulnerability
8.14.25
2
0
8
5
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
8
1
server is susceptible to BEAST attack
3
2
SSL/TLS server supports short block sizes (SWEET32 attack)
3
3
SSL/TLS server supports RC4 ciphers
2
1
urd (465/TCP)
1
2
587/TCP
1
3
SMTP
1
4
WWW
1
5
WWW (Secure)
1
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
2
0
8
server is susceptible to BEAST attack
3
SSL/TLS server supports short block sizes (SWEET32 attack)
3
SSL/TLS server supports RC4 ciphers
2
192.168.150.163
587/tcp
potential
server is susceptible to BEAST attack
Other
CVE-2011-3389
4.3
443/tcp
potential
server is susceptible to BEAST attack
Other
CVE-2011-3389
4.3
25/tcp
potential
server is susceptible to BEAST attack
Other
CVE-2011-3389
4.3
25/tcp
potential
SSL/TLS server supports RC4 ciphers
Other
CVE-2013-2566 CVE-2015-2808
4.3
587/tcp
potential
SSL/TLS server supports RC4 ciphers
Other
CVE-2013-2566 CVE-2015-2808
4.3
25/tcp
potential
SSL/TLS server supports short block sizes (SWEET32 attack)
Other
CVE-2016-2183
5.0
443/tcp
potential
SSL/TLS server supports short block sizes (SWEET32 attack)
Other
CVE-2016-2183
5.0
587/tcp
potential
SSL/TLS server supports short block sizes (SWEET32 attack)
Other
CVE-2016-2183
5.0
587/tcp
service
587/TCP
25/tcp
service
SMTP
80/tcp
service
WWW
443/tcp
service
WWW (Secure)
465/tcp
service
urd (465/TCP)
80/tcp
info
Web Directory: /
443/tcp
info
Web Directory: /
80/tcp
info
Web Directory: /cgi-bin/
80/tcp
info
Web Directory: /scripts/
server is susceptible to BEAST attack
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Potential Problem
CVE-2011-3389
4.3
A remote attacker with the ability to sniff network traffic could decrypt an
encrypted session.
Cipher Block Chaining (CBC) is an encryption mode of operation where the decryption of each block of encrypted text depends on all of the preceding blocks. CBC requires an Initialization Vector, a block of bits which starts the encryption and ensures that the encrypted text is unique. The SSLv3 and TLS 1.0 protocols may encrypt data using Cipher Block Chaining
ciphers that use chained initialization vectors.
SSL/TLS CBC Initialization Vector Prediction
10/28/11
CVE 2011-3389
The Browser Exploit against SSL/TLS (BEAST) may allow an attacker to perform
a man-in-the-middle attack to obtain plain-text HTTP headers by conducting a
blockwise chosen-boundary attack (BCBA) against an HTTPS session.
This attack is an extension of two previously
disclosed attacks against SSL. The first of these attacks was detailed by
Gregory Bard in May 2004 (The
Vulnerability of SSL to Chosen Plaintext Attack). This research showed
that cipher block chaining mode used by SSL is vulnerable to decryption in
cases where the attacker can control part of the plaintext. This attack proved
to be difficult to implement against HTTPS sessions due to the attackers'
inability to control the contents. This attack method was extended to support
TLS 1.0 and improved in April 2006 (A
Challenging but Feasible Blockwise-Adaptive Chosen-Plaintext Attack on
SSL).
In September 2011, Juliano Rizzo and Thai Duong presented a modern iteration
of this attack that utilized Java or HTML5 WebSockets as an entry-point for
attackers. Using this method, attackers could host a malicious website that,
when visited by victims, uses Java or WebSockets to establish a connection to
any secured 3rd party website of their choice. If the user has an active
session to the targeted 3rd party site, any cookies he or she has saved will also
be sent. Since the attacker is initiating this request, he can control the
length of the requested resource, allowing him to position the cookie on a
block boundary. The attacker also knows part of the cleartext. If this can be
done in a man-in-the-middle scenario, the attacker will be able to intercept
this encrypted request and decrypt it off-line to obtain the cookie. If the
cookie contains an authentication token, this may result in account theft.
TLS 1.1 and later have been improved to use an explicit initialization vector
strategy, rendering them immune to this type of attack.
Most browser vendors have released updates which prevent this attack, but some affected browsers still remain at this time, so it is still advisable also to fix the problem on the server side. SSLv3 and TLS 1.0 should be disabled on the server as follows:
Apache: Set the following directive in the Apache configuration file. (The -TLSv1 argument requires Apache 2.2.24 or higher or an update from your Linux vendor.)
SSLProtocol all -SSLv2 -SSLv3 -TLSv1
IIS: See [http://support.microsoft.com/kb/245030] KB245030 and [https://support.microsoft.com/en-us/kb/187498] KB187498.
Note that disabling SSLv3 and TLS 1.0 entirely on the server may affect the usability of the web site, as some web browsers may not yet support TLS 1.1.
Thai Duong wrote a detailed [http://vnhacker.blogspot.com/2011/09/beast.html] blog post about this attack, including a video demonstration.
Adam Langley wrote a helpful [http://www.imperialviolet.org/2011/09/23/chromeandbeast.html] blog post that helps highlight concerns for both browser vendors and website hosts.
Rob VanderBrink of SANS Internet Storm Center [http://isc.sans.edu/diary.html?storyid=11629] posted a blog update detailing TLS 1.1/1.2 support in many common browsers as of September, 2011.
Eric Rescorla wrote a [http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html] detailed blog post explaining how the attack works in detail and analyzing the security impact of this vulnerability.
Service: 587:TCP
Server accepted TLS 1.0 CBC cipher: TLS_RSA_WITH_3DES_EDE_CBC_SHA
server is susceptible to BEAST attack
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Potential Problem
CVE-2011-3389
4.3
A remote attacker with the ability to sniff network traffic could decrypt an
encrypted session.
Cipher Block Chaining (CBC) is an encryption mode of operation where the decryption of each block of encrypted text depends on all of the preceding blocks. CBC requires an Initialization Vector, a block of bits which starts the encryption and ensures that the encrypted text is unique. The SSLv3 and TLS 1.0 protocols may encrypt data using Cipher Block Chaining
ciphers that use chained initialization vectors.
SSL/TLS CBC Initialization Vector Prediction
10/28/11
CVE 2011-3389
The Browser Exploit against SSL/TLS (BEAST) may allow an attacker to perform
a man-in-the-middle attack to obtain plain-text HTTP headers by conducting a
blockwise chosen-boundary attack (BCBA) against an HTTPS session.
This attack is an extension of two previously
disclosed attacks against SSL. The first of these attacks was detailed by
Gregory Bard in May 2004 (The
Vulnerability of SSL to Chosen Plaintext Attack). This research showed
that cipher block chaining mode used by SSL is vulnerable to decryption in
cases where the attacker can control part of the plaintext. This attack proved
to be difficult to implement against HTTPS sessions due to the attackers'
inability to control the contents. This attack method was extended to support
TLS 1.0 and improved in April 2006 (A
Challenging but Feasible Blockwise-Adaptive Chosen-Plaintext Attack on
SSL).
In September 2011, Juliano Rizzo and Thai Duong presented a modern iteration
of this attack that utilized Java or HTML5 WebSockets as an entry-point for
attackers. Using this method, attackers could host a malicious website that,
when visited by victims, uses Java or WebSockets to establish a connection to
any secured 3rd party website of their choice. If the user has an active
session to the targeted 3rd party site, any cookies he or she has saved will also
be sent. Since the attacker is initiating this request, he can control the
length of the requested resource, allowing him to position the cookie on a
block boundary. The attacker also knows part of the cleartext. If this can be
done in a man-in-the-middle scenario, the attacker will be able to intercept
this encrypted request and decrypt it off-line to obtain the cookie. If the
cookie contains an authentication token, this may result in account theft.
TLS 1.1 and later have been improved to use an explicit initialization vector
strategy, rendering them immune to this type of attack.
Most browser vendors have released updates which prevent this attack, but some affected browsers still remain at this time, so it is still advisable also to fix the problem on the server side. SSLv3 and TLS 1.0 should be disabled on the server as follows:
Apache: Set the following directive in the Apache configuration file. (The -TLSv1 argument requires Apache 2.2.24 or higher or an update from your Linux vendor.)
SSLProtocol all -SSLv2 -SSLv3 -TLSv1
IIS: See [http://support.microsoft.com/kb/245030] KB245030 and [https://support.microsoft.com/en-us/kb/187498] KB187498.
Note that disabling SSLv3 and TLS 1.0 entirely on the server may affect the usability of the web site, as some web browsers may not yet support TLS 1.1.
Thai Duong wrote a detailed [http://vnhacker.blogspot.com/2011/09/beast.html] blog post about this attack, including a video demonstration.
Adam Langley wrote a helpful [http://www.imperialviolet.org/2011/09/23/chromeandbeast.html] blog post that helps highlight concerns for both browser vendors and website hosts.
Rob VanderBrink of SANS Internet Storm Center [http://isc.sans.edu/diary.html?storyid=11629] posted a blog update detailing TLS 1.1/1.2 support in many common browsers as of September, 2011.
Eric Rescorla wrote a [http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html] detailed blog post explaining how the attack works in detail and analyzing the security impact of this vulnerability.
Service: https
Server accepted TLS 1.0 CBC cipher: TLS_RSA_WITH_AES_128_CBC_SHA
server is susceptible to BEAST attack
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Potential Problem
CVE-2011-3389
4.3
A remote attacker with the ability to sniff network traffic could decrypt an
encrypted session.
Cipher Block Chaining (CBC) is an encryption mode of operation where the decryption of each block of encrypted text depends on all of the preceding blocks. CBC requires an Initialization Vector, a block of bits which starts the encryption and ensures that the encrypted text is unique. The SSLv3 and TLS 1.0 protocols may encrypt data using Cipher Block Chaining
ciphers that use chained initialization vectors.
SSL/TLS CBC Initialization Vector Prediction
10/28/11
CVE 2011-3389
The Browser Exploit against SSL/TLS (BEAST) may allow an attacker to perform
a man-in-the-middle attack to obtain plain-text HTTP headers by conducting a
blockwise chosen-boundary attack (BCBA) against an HTTPS session.
This attack is an extension of two previously
disclosed attacks against SSL. The first of these attacks was detailed by
Gregory Bard in May 2004 (The
Vulnerability of SSL to Chosen Plaintext Attack). This research showed
that cipher block chaining mode used by SSL is vulnerable to decryption in
cases where the attacker can control part of the plaintext. This attack proved
to be difficult to implement against HTTPS sessions due to the attackers'
inability to control the contents. This attack method was extended to support
TLS 1.0 and improved in April 2006 (A
Challenging but Feasible Blockwise-Adaptive Chosen-Plaintext Attack on
SSL).
In September 2011, Juliano Rizzo and Thai Duong presented a modern iteration
of this attack that utilized Java or HTML5 WebSockets as an entry-point for
attackers. Using this method, attackers could host a malicious website that,
when visited by victims, uses Java or WebSockets to establish a connection to
any secured 3rd party website of their choice. If the user has an active
session to the targeted 3rd party site, any cookies he or she has saved will also
be sent. Since the attacker is initiating this request, he can control the
length of the requested resource, allowing him to position the cookie on a
block boundary. The attacker also knows part of the cleartext. If this can be
done in a man-in-the-middle scenario, the attacker will be able to intercept
this encrypted request and decrypt it off-line to obtain the cookie. If the
cookie contains an authentication token, this may result in account theft.
TLS 1.1 and later have been improved to use an explicit initialization vector
strategy, rendering them immune to this type of attack.
Most browser vendors have released updates which prevent this attack, but some affected browsers still remain at this time, so it is still advisable also to fix the problem on the server side. SSLv3 and TLS 1.0 should be disabled on the server as follows:
Apache: Set the following directive in the Apache configuration file. (The -TLSv1 argument requires Apache 2.2.24 or higher or an update from your Linux vendor.)
SSLProtocol all -SSLv2 -SSLv3 -TLSv1
IIS: See [http://support.microsoft.com/kb/245030] KB245030 and [https://support.microsoft.com/en-us/kb/187498] KB187498.
Note that disabling SSLv3 and TLS 1.0 entirely on the server may affect the usability of the web site, as some web browsers may not yet support TLS 1.1.
Thai Duong wrote a detailed [http://vnhacker.blogspot.com/2011/09/beast.html] blog post about this attack, including a video demonstration.
Adam Langley wrote a helpful [http://www.imperialviolet.org/2011/09/23/chromeandbeast.html] blog post that helps highlight concerns for both browser vendors and website hosts.
Rob VanderBrink of SANS Internet Storm Center [http://isc.sans.edu/diary.html?storyid=11629] posted a blog update detailing TLS 1.1/1.2 support in many common browsers as of September, 2011.
Eric Rescorla wrote a [http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html] detailed blog post explaining how the attack works in detail and analyzing the security impact of this vulnerability.
Service: smtp
Server accepted TLS 1.0 CBC cipher: TLS_RSA_WITH_3DES_EDE_CBC_SHA
SSL/TLS server supports RC4 ciphers
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Potential Problem
CVE-2013-2566 CVE-2015-2808
4.3
A remote attacker with the ability to sniff network
traffic could decrypt an encrypted session.
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL),
are encryption protocols used to ensure confidentiality as
information travels across the Internet. They are commonly
used between web browsers and web servers to protect
sensitive data such as passwords and credit card numbers.
At the beginning of a TLS/SSL session, the client and server
negotiate the encryption algorithm, known as a cipher. RC4 (Rivest Cipher 4) is a stream cipher which is commonly used in TLS/SSL sessions.
Ciphertext Bias Weakness
CVE 2013-2566
The encrypted stream which is output by the RC4 cipher contains small biases. This results in ciphertext which isn't truly random when the same plaintext is encrypted with different RC4 keys. This could make it easier for an attacker who can view network traffic to decrypt parts of the plaintext which are typically encrypted many types, such as browser cookies, ultimately leading to session hijacking.
Invariance Weakness and Bar Mitzvah attack
04/28/15
CVE 2015-2808
Some RC4 keys contain a pattern which causes part of the state permutation to remain intact throughout the initialization process, resulting in leakage of plaintext bytes. This is known as the Invariance Weakness. This weakness can be used to partially decrypt TLS/SSL sessions which use affected keys in an attack known as Bar Mitzvah. An attacker would need to be able to sniff network traffic in order to exploit this vulnerability, and most RC4 keys do not have this weakness.
For Apache mod_ssl web servers, add !RC4 to the [http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslciphersuite] SSLCipherSuite
directive in the configuration file to disable RC4 ciphers.
For Microsoft IIS web servers, disable RC4 ciphers as described in Microsoft knowledge base article
[http://support.microsoft.com/kb/245030] 245030.
For other types of web servers, consult the web server
documentation to find out how to disable RC4 ciphers.
For more information on the ciphertext bias weakness, see the blog post [http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html] Attack of the Week: RC4 is kind of broken in TLS.
For more information on the Invariance Weakness and Bar Mitzvah attack, see [http://securityaffairs.co/wordpress/35352/hacking/bar-mitzvah-attack-on-rc4.html] Security Affairs and Imperva's paper,
[http://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf] Attacking SSL when using RC4.
Service: smtp
Server accepted TLS 1.0 RC4 cipher: TLS_RSA_WITH_RC4_128_SHA
SSL/TLS server supports RC4 ciphers
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Potential Problem
CVE-2013-2566 CVE-2015-2808
4.3
A remote attacker with the ability to sniff network
traffic could decrypt an encrypted session.
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL),
are encryption protocols used to ensure confidentiality as
information travels across the Internet. They are commonly
used between web browsers and web servers to protect
sensitive data such as passwords and credit card numbers.
At the beginning of a TLS/SSL session, the client and server
negotiate the encryption algorithm, known as a cipher. RC4 (Rivest Cipher 4) is a stream cipher which is commonly used in TLS/SSL sessions.
Ciphertext Bias Weakness
CVE 2013-2566
The encrypted stream which is output by the RC4 cipher contains small biases. This results in ciphertext which isn't truly random when the same plaintext is encrypted with different RC4 keys. This could make it easier for an attacker who can view network traffic to decrypt parts of the plaintext which are typically encrypted many types, such as browser cookies, ultimately leading to session hijacking.
Invariance Weakness and Bar Mitzvah attack
04/28/15
CVE 2015-2808
Some RC4 keys contain a pattern which causes part of the state permutation to remain intact throughout the initialization process, resulting in leakage of plaintext bytes. This is known as the Invariance Weakness. This weakness can be used to partially decrypt TLS/SSL sessions which use affected keys in an attack known as Bar Mitzvah. An attacker would need to be able to sniff network traffic in order to exploit this vulnerability, and most RC4 keys do not have this weakness.
For Apache mod_ssl web servers, add !RC4 to the [http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslciphersuite] SSLCipherSuite
directive in the configuration file to disable RC4 ciphers.
For Microsoft IIS web servers, disable RC4 ciphers as described in Microsoft knowledge base article
[http://support.microsoft.com/kb/245030] 245030.
For other types of web servers, consult the web server
documentation to find out how to disable RC4 ciphers.
For more information on the ciphertext bias weakness, see the blog post [http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html] Attack of the Week: RC4 is kind of broken in TLS.
For more information on the Invariance Weakness and Bar Mitzvah attack, see [http://securityaffairs.co/wordpress/35352/hacking/bar-mitzvah-attack-on-rc4.html] Security Affairs and Imperva's paper,
[http://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf] Attacking SSL when using RC4.
Service: 587:TCP
Server accepted TLS 1.0 RC4 cipher: TLS_RSA_WITH_RC4_128_SHA
SSL/TLS server supports short block sizes (SWEET32 attack)
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Potential Problem
CVE-2016-2183
5.0
A remote attacker with the ability to sniff network traffic could decrypt long-lived TLS or SSL sessions.
A Block Cipher is an encryption algorithm which operates on a fixed-size block of data. Plaintext messages which are larger than the block size must be split into multiple blocks before being encrypted by the algorithm.
SWEET32 Attack
08/29/16
CVE 2016-2183
Block ciphers with small block sizes are susceptible to a class of attacks known as birthday attacks.
These attacks take advantage of multiple blocks which return identical ciphertext, known as collisions. The probability of collisions occurring becomes significant after a large number of blocks have been encrypted using the same key.
The SWEET32 attack is a specific birthday attack which reveals the XOR (exclusive-OR) between a fixed secret and known plaintext, thus allowing the secret to be determined.
This attack can be launched in a browser session by javascript code which makes repeated requests containing an authentication token and predictable headers.
Successful exploitation requires about 785 GB of data to be captured, and the attacker must be able to inject javascript into a web session and to sniff data from the network.
Disable ciphers which have a 64-bit block size, such as Triple-DES as follows:
Apache/OpenSSL: Upgrade to OpenSSL 1.1.0, which disables Triple-DES ciphers by default. Alternatively, upgrade to OpenSSL 1.0.1u or 1.0.2i or higher, which classify Triple-DES ciphers as MEDIUM, and insert !MEDIUM in the SSLCipherSuite directive in the appropriate web server configuration file.
IIS: Disable DES and 3DES ciphers as described in Microsoft Knowledge Base Article
[http://support.microsoft.com/kb/245030] 245030.
Note: disabling Triple-DES ciphers may affect compatibility with older clients.
For more information on the SWEET32 attack, see
[https://sweet32.info] sweet32.info and the
[https://bobcares.com/blog/how-to-fix-sweet32-birthday-attacks-vulnerability-cve-2016-2183/] Bobcares Blog.
Service: smtp
Server accepted TLS 1.0 64-bit block size cipher: TLS_RSA_WITH_3DES_EDE_CBC_SHA
SSL/TLS server supports short block sizes (SWEET32 attack)
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Potential Problem
CVE-2016-2183
5.0
A remote attacker with the ability to sniff network traffic could decrypt long-lived TLS or SSL sessions.
A Block Cipher is an encryption algorithm which operates on a fixed-size block of data. Plaintext messages which are larger than the block size must be split into multiple blocks before being encrypted by the algorithm.
SWEET32 Attack
08/29/16
CVE 2016-2183
Block ciphers with small block sizes are susceptible to a class of attacks known as birthday attacks.
These attacks take advantage of multiple blocks which return identical ciphertext, known as collisions. The probability of collisions occurring becomes significant after a large number of blocks have been encrypted using the same key.
The SWEET32 attack is a specific birthday attack which reveals the XOR (exclusive-OR) between a fixed secret and known plaintext, thus allowing the secret to be determined.
This attack can be launched in a browser session by javascript code which makes repeated requests containing an authentication token and predictable headers.
Successful exploitation requires about 785 GB of data to be captured, and the attacker must be able to inject javascript into a web session and to sniff data from the network.
Disable ciphers which have a 64-bit block size, such as Triple-DES as follows:
Apache/OpenSSL: Upgrade to OpenSSL 1.1.0, which disables Triple-DES ciphers by default. Alternatively, upgrade to OpenSSL 1.0.1u or 1.0.2i or higher, which classify Triple-DES ciphers as MEDIUM, and insert !MEDIUM in the SSLCipherSuite directive in the appropriate web server configuration file.
IIS: Disable DES and 3DES ciphers as described in Microsoft Knowledge Base Article
[http://support.microsoft.com/kb/245030] 245030.
Note: disabling Triple-DES ciphers may affect compatibility with older clients.
For more information on the SWEET32 attack, see
[https://sweet32.info] sweet32.info and the
[https://bobcares.com/blog/how-to-fix-sweet32-birthday-attacks-vulnerability-cve-2016-2183/] Bobcares Blog.
Service: https
Server accepted TLS 1.0 64-bit block size cipher: TLS_RSA_WITH_3DES_EDE_CBC_SHA
SSL/TLS server supports short block sizes (SWEET32 attack)
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Potential Problem
CVE-2016-2183
5.0
A remote attacker with the ability to sniff network traffic could decrypt long-lived TLS or SSL sessions.
A Block Cipher is an encryption algorithm which operates on a fixed-size block of data. Plaintext messages which are larger than the block size must be split into multiple blocks before being encrypted by the algorithm.
SWEET32 Attack
08/29/16
CVE 2016-2183
Block ciphers with small block sizes are susceptible to a class of attacks known as birthday attacks.
These attacks take advantage of multiple blocks which return identical ciphertext, known as collisions. The probability of collisions occurring becomes significant after a large number of blocks have been encrypted using the same key.
The SWEET32 attack is a specific birthday attack which reveals the XOR (exclusive-OR) between a fixed secret and known plaintext, thus allowing the secret to be determined.
This attack can be launched in a browser session by javascript code which makes repeated requests containing an authentication token and predictable headers.
Successful exploitation requires about 785 GB of data to be captured, and the attacker must be able to inject javascript into a web session and to sniff data from the network.
Disable ciphers which have a 64-bit block size, such as Triple-DES as follows:
Apache/OpenSSL: Upgrade to OpenSSL 1.1.0, which disables Triple-DES ciphers by default. Alternatively, upgrade to OpenSSL 1.0.1u or 1.0.2i or higher, which classify Triple-DES ciphers as MEDIUM, and insert !MEDIUM in the SSLCipherSuite directive in the appropriate web server configuration file.
IIS: Disable DES and 3DES ciphers as described in Microsoft Knowledge Base Article
[http://support.microsoft.com/kb/245030] 245030.
Note: disabling Triple-DES ciphers may affect compatibility with older clients.
For more information on the SWEET32 attack, see
[https://sweet32.info] sweet32.info and the
[https://bobcares.com/blog/how-to-fix-sweet32-birthday-attacks-vulnerability-cve-2016-2183/] Bobcares Blog.
Service: 587:TCP
Server accepted TLS 1.0 64-bit block size cipher: TLS_RSA_WITH_3DES_EDE_CBC_SHA
587/TCP
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Service
220 mail.securednet.ca ESMTP ready
SMTP
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Service
220 mail.securednet.ca ESMTP ready
WWW
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Service
HTTP/1.1 403 Forbidden
Date: Wed, 22 Mar 2017 17:18:01 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset="UTF-8"
Content-Length:
WWW (Secure)
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Service
HTTP/1.1 403 Forbidden
Date: Wed, 22 Mar 2017 17:18:01 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset="UTF-8"
Content-Length:
urd (465/TCP)
192.168.150.163
192.168.150.163
Linux 2.6.18 - 2.6.22
Mar 22 13:22:35 2017
new
Service
220 mail.securednet.ca ESMTP ready