Re: [mod-security-users] https://www.modsecurity.org/ TLS 1.0
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] https://www.modsecurity.org/ TLS 1.0
|
From: Reindl H. <h.r...@th...> - 2020-03-13 02:13:31
|
Am 12.03.20 um 22:57 schrieb az...@po...: > Citát Reindl Harald <h.r...@th...>: > >> Am 12.03.20 um 17:57 schrieb Reindl Harald: >>> https://www.modsecurity.org/ >>> >>> seriously? >>> >>> it's not a breaking news that firefox and other browsers are planning >>> disable TLS1.0/1.1 for many months >> >> https://i.imgur.com/wC4IJbs.png shows the by far the dumbest webserver >> setup i have faced in the past 15 years >> >> The server supports only older protocols, but not the current best TLS >> 1.2. Grade capped to C. >> >> This server accepts RC4 cipher, but only with older protocols. Grade >> capped to B. >> >> This server does not support Forward Secrecy with the reference >> browsers. Grade capped to B. >> >> This server does not support Authenticated encryption (AEAD) cipher >> suites. Grade capped to B. >> >> This server supports TLS 1.0. Grade capped to B. >> >> ------------------------ >> >> and yes *i know* that we are *currently* Grade B because *allowing* TLS >> < 1.2 for now for a short time to redirect support calls of endusers as >> dumb as your webadmins to somewhere else > > > Hi guys, > > i can setup it for you, contact me if you are interested, i have almost > 20 years of experiences with linux administration focusing on security. a trained monkey can setup whatever webserver supporting TLS 1.2 and the main question is what nonsense one needs to to for such a result with no TLS 1.2 and no ECDHE https://www.trustwave.com/en-us/ "Cybersecurity and Managed Security Services | Trustwave" - *loool* Name: modsecurity.org Address: 204.13.200.240 NetRange: 204.13.200.0 - 204.13.203.255 CIDR: 204.13.200.0/22 NetName: NET-204-13-200-0-1 NetHandle: NET-204-13-200-0-1 Parent: NET204 (NET-204-0-0-0-0) NetType: Direct Assignment OriginAS: AS33151 Organization: Trustwave Holdings, Inc. (TRUST-7) RegDate: 2005-05-04 Updated: 2012-02-24 Ref: https://rdap.arin.net/registry/ip/204.13.200.0 |
