C3rd

I have been auditing our servers security. I was trying to resolved some issues detected by tenable.io, one of the issue raised was the SWEET32. There are few, by I am not disclosing that here. :) To resolve all vulnerabilities, these are my new settings in my postfix (main.cf) :

smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA, EXP, MEDIUM, ADH, AECDH, DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, RSA+AES
smtpd_tls_mandatory_protocols = !SSLv2 !SLv3 !TLSv1
smtpd_tls_protocols = !SSLv2 !SSLv3 !TLSv1

then restart postfix:

postfix stop; postfix start

that's it. it resolved my issues.

• Home
• Downloads

• Uncategorized
• Personal
  • Madness
  • Wooow!
  • Learn New Things
  • Food and Beverages
  • Love and Pain
  • Wonder
• Info.Tech
  • Madness
  • Wooow!
  • Learn New Things
  • Food and Beverages
  • Love and Pain
  • Wonder
• People
  • Madness
  • Wooow!
  • Learn New Things
  • Food and Beverages
  • Love and Pain
  • Wonder
• Funstuff
  • Madness
  • Wooow!
  • Learn New Things
  • Food and Beverages
  • Love and Pain
  • Wonder
• Death
  • Madness
  • Wooow!
  • Learn New Things
  • Food and Beverages
  • Love and Pain
  • Wonder
• Apple Stuff
  • Madness
  • Wooow!
  • Learn New Things
  • Food and Beverages
  • Love and Pain
  • Wonder

• Apache Web Server
• ASP Immigration Services Ltd.
• CentOS Linux
• Color Scheme Picker
• CSS Button Generator
• Deviant Art Account
• Don Tabaniag - GraphiCult
• Jerson Maglasang Weblog
• Joshua Manlunas
• Mark "mungkey" Vicente
• Matt Arnilo Baluyos
• MySQL
• Paul Labis
• PHP
• PrendStar
• Ridvan Baluyos
• Scott Davies
• SEO Fart XML-RPC Ping Tool
• Stripes Generator
• The Hero
• Ubuntu Linux
• Vim Carlo Nabora (DA)
• Wella Maria Hong
• What is my IP?
• Xavier University - Ateneo de Cagayan
• Zabyer Community