跳转到主内容

H610S的Nmap扫描报告了密钥强度不足的迪夫-赫尔曼组特有的漏洞

Views:
21
Visibility:
Public
Votes:
0
Category:
solidfire-chassis
Specialty:
solidfire
Last Updated:

适用场景

  • H610S
  • H610C
  • TrITON
  • SolidFire
  • Nmap

问题描述

H610S的BMC的Nmap扫描输出 报告密钥强度不足:

nmap --script ssl-dh-params X.X.X.X
Starting Nmap 7.92 ( https://nmap.org ) at 2023-05-17 12:39 MDT
Nmap
scan report for X.X.X.X
Host is up (0.022s latency).
Not shown: 995 closed tcp ports (conn-refused)
PORT STATE
SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
| ssl-dh-params:
| VULNERABLE:
| Diffie-Hellman Key
Exchange Insufficient Group Strength
| State: VULNERABLE
| Transport Layer Security (TLS) services that use
Diffie-Hellman groups
| of insufficient strength, especially those using one of a few commonly
| shared groups, may be
susceptible to passive eavesdropping attacks.
| Check results:
| WEAK DH GROUP 1
| Cipher Suite:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
| Modulus Type: Non-safe prime
| Modulus Source: RFC5114/1024-bit DSA
group with 160-bit prime order subgroup
| Modulus Length: 1024
| Generator Length: 1024
|
Public Key Length: 1024
| References:
|_ https://weakdh.org
5120/tcp open barracuda-bbs
49153/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 15.58 seconds

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.