Wednesday, March 15, 2017

How to clear Nessus Plugin 42873 on Security Center

I use Security Center with Nessus scanners from Tenable to do vulnerability scanning on my servers. Sometimes the scanner finds hits on itself, such as a hit on plugin 42873 "SSL Medium Strength Cipher Suites Supported" on the Security Center. Below I show the steps needed to disable 3DES on Security Center..

To disable 3DES within Security Center do the following:
1. Open the file /opt/sc/support/conf/sslciphers.conf

2. Search for DES-CBC3-SHA

3. After the colon that precedes the above string, add an exclamation mark which is the signal to disable the given cipher.

4. The whole string should look like :!DES-CBC3-SHA:

Once complete, restart the SC service and complete a rescan and this vulnerability should be remediation.

To clear the other part of this hit, make sure the server is using SSL ciphers have encryption key length of over 112 bits. 

Reference Plugin 42873
https://www.openssl.org/blog/blog/2016/08/24/sweet32/

No comments:

Post a Comment