Hauptmenü öffnen

Siwecos β

Weak-DE-Encryption-SMTP/EN

Version vom 26. Oktober 2019, 12:10 Uhr von Siwebot (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „=== {{:{{PAGENAME}}/Headline}} === If the result is positive, there is no need for further action. If the result is negative, please read the following inst…“)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)

Check for DES encryption

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive No outdated DES encryption supported
Result negativ Obsolete DES encryption supported
Description Your server is configured to support the encryption feature DES (Cipher Suites), which is now considered insecure. This allows Man-in-the-middle attacks.
Background The term Cipher Suite stands for a collection of cryptographic methods used (encryption of information). This collection includes the key exchange method, digital signature, encryption and cryptographic hash functions. This combination of cryptographic components ensures a secure connection between two parties, e.g. your mail program and a server. In the TLS protocol, the Cipher Suite (cryptographic procedure) determines which algorithms are to be used to establish a secure data connection and is decisively responsible for the security of the connection.
Consequence Attackers can use DES encryption to decrypt the communication between your server and your customer's mail-client, as DES does not offer sufficient security. This can be used to decrypt mail content and misuse them for criminal purposes.
Solution/Tips If Obsolete DES encryption supported was reported, disable support for DES Cipher Suites in your web server software.