2 Replies Latest reply: May 15, 2012 9:19 AM by lenin km RSS

BEAST attack on TLS  in pound

lenin km

Hello,

 

I have configured my CipherSuite in "pound" (http://www.apsis.ch/pound/index_html) as per the folowing post "https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls" but the BEAST attack still showing on scanning report . Please help  me to solving this issue.

 

Details:

 

My current Ciphersuit settings : "ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"

Openssl version : "OpenSSL 1.0.1c 10 May 2012"

Scanning report  : https://www.ssllabs.com/ssltest/analyze.html?d=staging.getcoventryone.com

 

Thanks

~Lenin