2 Replies Latest reply on May 15, 2012 9:19 AM by lenin km

    BEAST attack on TLS  in pound

    lenin km Lurker

      Hello,

       

      I have configured my CipherSuite in "pound" (http://www.apsis.ch/pound/index_html) as per the folowing post "https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls" but the BEAST attack still showing on scanning report . Please help  me to solving this issue.

       

      Details:

       

      My current Ciphersuit settings : "ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"

      Openssl version : "OpenSSL 1.0.1c 10 May 2012"

      Scanning report  : https://www.ssllabs.com/ssltest/analyze.html?d=staging.getcoventryone.com

       

      Thanks

      ~Lenin