General Discussions

VAVERMA

Hi Everyone,

How can we fix this SSL Medium Strength Cipher Suites Supported (SWEET32) Vulnerability in Alteryx VM. Any one has any steps or any one has performed please share you experience we need it.

Name: SSL Medium Strength Cipher Suites Supported (SWEET32)

Description: The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.

Let me know if any more info is required.

Thanks in advance. Looking for the opi

KGT

Your IT will need to disable 3DES on the server. I'm out of practice, but this used to be done through SChannel, and disabling anything under 128-bit. This is not an Alteryx vulnerability, but a Windows one, whereby what needs to be shut down is not in Alteryx, but on Windows.

The ciphers will look like this (TLS_RSA_WITH_3DES_EDE_CBC_SHA) and there will probably be 20-30 of them. This is not an easy "just log in and do it". It should be done by someone that knows about cyber and logged so that it is persisted any time updates happen in the future.

FYI, this was posted in General, rather than server, and without server tagged, so may get less eyes.

General Discussions

How can we fix this SSL Medium Strength Cipher Suites Supported (SWEET32) Vulnerability

Re: Euleryx Project 8 - Largest Product in a Serie...

Re: Euleryx Project 9 - Special Pythagorian Triple...

Re: Euleryx Project 7 - 10 001st Prime

Re: Euleryx Project 7 - 10 001st Prime

AYX TV Cooking Up Excel Outputs workflow