Nessus scan nrpe 3.2.1 insecure ciphers

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
ebuttice
Posts: 10
Joined: Fri May 09, 2014 2:24 pm

Nessus scan nrpe 3.2.1 insecure ciphers

Post by ebuttice »

I'm trying to resolve an issue I am facing at the moment with the latest nrpe 3.2.1 running on Solaris 11.
When nessus scans, it complains that nrpe is using SSL Medium Strength Cipher suites (SWEET32) , ADH-DES-CBC3-SHA Enc=3des-CBC(168) Mac=sha1. Openssl version 102R. How do I turn off this Cipher ? Also, any tools to actually list the ciphers nrpe is accepting ? (remote tool or local tool)

Thanks
User avatar
swolf
Developer
Posts: 294
Joined: Tue Jun 06, 2017 9:48 am

Re: Nessus scan nrpe 3.2.1 insecure ciphers

Post by swolf »

Hi @ebuttice,

For your options with regard to configuring SSL, you'll want to look at the NRPE SSL Readme. If you want to allow/disallow specific ciphers, you'll need to determine that using the ssl_cipher_list directive in nrpe.cfg. You can check the ciphers by checking that file.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy
Locked