23 Apr
2004
23 Apr
'04
5:49 p.m.
I have dovecot running as a pop3s server on port 995
it works great with sendmail and I run nessus to check security issues nessus reports this The SSLv2 server offers 3 strong ciphers, but also 0 medium strength and 2 weak "export class" ciphers. The weak/medium ciphers may be chosen by an export-grade or badly configured client software. They only offer a limited protection against a brute force attack
Solution: disable those ciphers and upgrade your client software if necessary
I have previously disabled weak ciphers in apache but cannot figure out how to disable the weak ciphers in dovecot Any help would be appreciated
john
7509
Age (days ago)
7509
Last active (days ago)
0 comments
1 participants
participants (1)
-
John Wentworth