Hi, OSSEC v2.8.3 uses the method SSLv23, that is version-flexible and negotiates the highest protocol mutually supported by the manager and the agent, preferably TLS v1.2.
The new OSSEC v2.9 will use the method TLSv12, that forces to establish the TLS v1.2 protocol and rejects the connection if one of the peers doesn't support it. Best regards. Victor. On Thursday, November 3, 2016 at 5:29:33 PM UTC+1, dan (ddpbsd) wrote: > > On Thu, Nov 3, 2016 at 12:18 PM, john homer alvero <john...@gmail.com > <javascript:>> wrote: > > Hello, > > > > Is there a way for ossec-authd to establish TLS1.2 only? The reason im > > asking is that our vulnerability scanner is flagging the ossec-authd > port > > 1515 as insecure because of support for RC4 and other non-tls1.2 > protocols. > > > > You'll have to modify the source. > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to ossec-list+...@googlegroups.com <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
