Moinul_Rony
Jan 08, 2015Altostratus
Removing Poodle TLS padding vulnerability returns RC4 warning
Hi,
We are running F5 LTM version 11.2. Recently we disabled the RC4 weak CIPHER to remove the Minimal warning from our PCI scan.
But due to the recent arrival of Poodle TLS vulnarability we had to introduce RC4-SHA:!SSLv3 which brought back the Minimal warning for having RC4 in the acceptable CIPHER.
How can we over come this?
This was done via F5 support suggestion. (https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html)
Previous CIPHER: NATIVE:DHE+HIGH:!SSLv3:!NULL:!RC4:!MD5:!EXP:!LOW:!EXPORT:!DES:@SPEED New CIPHER to remove Poodle TLS: RC4-SHA:!SSLv3:!NULL:!MD5:!EXP:!LOW:!EXPORT:!DES:!DHE:!EDH:@SPEED:@STRENGTH