Here's a means to validate that SSLv3 is disable in a fortimail. You can use openssl or your web-browser or a SSLv3 checker.
e.g
https://foundeo.com/products/iis-weak-ssl-ciphers/
Here's a proper disable sslv3 and sslv2 ( Fortimail Appliance )
And a at risk site ( a apache website of mine for testing )
So ensure your fortimail appliance does not except sslv3 connections. In fact all of your website should be secured from sslv3 & sslv2 connections.
To disable sslv3 support;
confg sys gobal
set strong-crypto enable
end
And you can test via the above link or via openssl;
SSLv3 is now known to have flaws and you should stay aware of the Vulnerabilities and any listed CVEs
Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( * * )=
o
/ \
No comments:
Post a Comment