Unencrypted-Communication-POP3/EN

Aus Siwecos
Version vom 7. Mai 2020, 10:40 Uhr von Siwebot (Diskussion | Beiträge)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu: Navigation, Suche

Check for NULL ciphers

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive Unsecure NULL ciphers supported
Result negativ Unsecure NULL ciphers supported
Description Your server is configured to allow unencrypted communication over a protected channel. This allows man-in-the-middle attacks.
Background The term Cipher Suite stands for a collection of cryptographic methods used (encryption of information). This collection includes the key exchange procedure, the signature procedure, the encryption and cryptographic hash functions. This combination of cryptographic components ensures a secure connection between two parties, e.g. your mail program and a server. In the TLS protocol, the cipher suite (cryptographic procedure) determines which algorithms are to be used to establish a secure data connection and is responsible for the security of the connection.
Consequence Attackers can easily decrypt the communication between your server and the mail program using a weak encryption methodology. This can be used, for example, to read passwords, e-mails or credit card information and misuse them for criminal purposes.
Solution/Tips If insecure NULL ciphers supported was reported, disable support for NULL encryption methods.