SergeyAU_168519
Feb 23, 2016Nimbostratus
Logjam and FREAK using BIG-IP 9.4.3 - please help!
Hello Have a number of sites running on the old BIG-IP 9.4.3 box that business just does not want to upgrade We have mitigated the previous SSL vulnerabilities by setting the SSL profile ciphers to DEFAULT:!SSLv3 and its only talking TLS 1.0 now.
Was checking the site in SSLLABS today and its a big, fat, red F =(
- This server supports insecure Diffie-Hellman (DH) key exchange parameters (Logjam)
- This server supports 512-bit export suites and might be vulnerable to the FREAK attack
I know its old, but is there anything can be done to keep it going? Below is SSL LABS reported: