Does this request not apply to stunnel? I don not recall seeing these as setting within the stunnel configuration file, so this may be an irrelevant question.
From: mike_curran@hotmail.com To: stunnel-users@stunnel.org Date: Thu, 7 Aug 2014 12:55:36 -0500 Subject: [stunnel-users] SSL Server Allows Anonymous Authentication Vulnerability
I am looking at this vulnerability reported from McAfee -- but we use stunnel to secure our communications and not the application directly. Are these settings that I can make within the stunnel config -- or something comparable? SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
_______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users