[研究] Key exchange (dh 1024) of lower strength than certificate key
2017-10-31
nmap --script ssl-cert,ssl-enum-ciphers -p 443 網址或IP
結果其中兩行
Key exchange (dh 1024) of lower strength than certificate key
Key exchange (secp192r1) of lower strength than certificate key
簡單的說,第一個情況是 Key exchange (dh 1024) 表示金鑰交換使用 dh 1024 bits 模式,但是某 Cipher 交換的 Key 是 2048 bits 的 RSA Key。
dh 是 DH modes ("Diffie-Hellmann")
(待續)
相關
nmap : “Key Exchange (dh 1024) of lower strength than certificate key”
http://blog.kernelsecurity.es/2017/05/29/nmap-key-exchange-dh-1024-of-lower-strength-than-certificate-key/
How to Disable Weak Ciphers and SSL 2.0 in Applicare
https://helpdesk.arcturustech.com/hc/en-us/community/posts/115000473226-How-to-Disable-Weak-Ciphers-and-SSL-2-0-in-Applicare
TLS Cipher Suites in Windows 7
https://msdn.microsoft.com/en-us/library/windows/desktop/mt767780(v=vs.85).aspx
沒有留言:
張貼留言