2 Replies Latest reply on Oct 6, 2011 5:24 AM by QM_SSJ4

    BEAST Attack - Not Vulnerably

    Mark Shaw Level 1

      Hi

       

      Firstly...SLLlabs is a fantastic tool

       

      Question - How does a site pass the BEAST check, exactly what are you looking for?

       

      Cheers

        • BEAST Attack - Not Vulnerably
          Ivan Ristic Level 5

          Although there are several ways to mitigate BEAST, we are currently testing for one of them -- forced use of RC4 ciphers. Our test looks for two conditions: 1) server must choose cipher suites and 2) servers must choose RC4 if offered.

           

          We will be implementing other tests soon.

          1 of 1 people found this helpful