can you tell me how i can close below vulnerability and closed it:-
1- Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32).
Look at the Results section of the report. It will tell you which protocol has 3DES enabled and which port. That will help you figure out how/where to disable it.
disable 3DES cipher suites
Looks like Qualys changes this from a 'PCI Fail' to 'PCI Pass' on 4/28 as my most recent scan just passed even though the Vuln is still detected. I can see it's no longer a PCI Failure in the scan results and KB QID.
While I'm happy I'm passing, there was quite hullabaloo when Qualys first released this QID as it was detected across my ENV. We were able to leverage the PCI Fail to kickstart removal of 3DES (something we've been trying to do for quite some time) altogether. Now that it's no longer an auto-fail, I fear this momentum will be lost.
I wish this was left alone.
can you tell me how we can disable the disable 3DES cipher suites.
Retrieving data ...