I'm trying to resolve an issue I am facing at the moment with the latest nrpe 3.2.1 running on Solaris 11.
When nessus scans, it complains that nrpe is using SSL Medium Strength Cipher suites (SWEET32) , ADH-DES-CBC3-SHA Enc=3des-CBC(168) Mac=sha1. Openssl version 102R. How do I turn off this Cipher ? Also, any tools to actually list the ciphers nrpe is accepting ? (remote tool or local tool)
Thanks
Nessus scan nrpe 3.2.1 insecure ciphers
Re: Nessus scan nrpe 3.2.1 insecure ciphers
Hi @ebuttice,
For your options with regard to configuring SSL, you'll want to look at the NRPE SSL Readme. If you want to allow/disallow specific ciphers, you'll need to determine that using the ssl_cipher_list directive in nrpe.cfg. You can check the ciphers by checking that file.
For your options with regard to configuring SSL, you'll want to look at the NRPE SSL Readme. If you want to allow/disallow specific ciphers, you'll need to determine that using the ssl_cipher_list directive in nrpe.cfg. You can check the ciphers by checking that file.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy