2.CVE-2016-2183规避方案:
配置非DES,3DES的算法
[H3C-ssl-server-policy-fxm]ciphersuite ?
dhe_rsa_aes_128_cbc_sha Cipher suite that uses DHE RSA, 128-bit AES_CBC, and SHA
dhe_rsa_aes_256_cbc_sha Cipher suite that uses DHE RSA, 256-bit AES_CBC, and SHA
exp_rsa_des_cbc_sha Export cipher suite that uses RSA, DES_CBC, and SHA
exp_rsa_rc2_md5 Export cipher suite that uses RSA, RC2, and MD5
exp_rsa_rc4_md5 Export cipher suite that uses RSA, RC4, and MD5
rsa_3des_ede_cbc_sha Cipher suite that uses RSA, 3DES_EDE_CBC, and SHA
rsa_aes_128_cbc_sha Cipher suite that uses RSA, 128-bit AES_CBC, and SHA
rsa_aes_256_cbc_sha Cipher suite that uses RSA, 256-bit AES_CBC, and SHA
rsa_des_cbc_sha Cipher suite that uses RSA, DES_CBC, and SHA
rsa_rc4_128_md5 Cipher suite that uses RSA, 128-bit RC4, and MD5
rsa_rc4_128_sha Cipher suite that uses RSA, 128-bit RC4, and SHA
重启https服务。
undo ip https enable
ip https enable
没权限访问
2.CVE-2016-2183规避方案: 配置非DES,3DES的算法 [H3C-ssl-server-policy-fxm]ciphersuite ? dhe_rsa_aes_128_cbc_sha Cipher suite that uses DHE RSA, 128-bit AES_CBC, and SHA dhe_rsa_aes_256_cbc_sha Cipher suite that uses DHE RSA, 256-bit AES_CBC, and SHA exp_rsa_des_cbc_sha Export cipher suite that uses RSA, DES_CBC, and SHA exp_rsa_rc2_md5 Export cipher suite that uses RSA, RC2, and MD5 exp_rsa_rc4_md5 Export cipher suite that uses RSA, RC4, and MD5 rsa_3des_ede_cbc_sha Cipher suite that uses RSA, 3DES_EDE_CBC, and SHA rsa_aes_128_cbc_sha Cipher suite that uses RSA, 128-bit AES_CBC, and SHA rsa_aes_256_cbc_sha Cipher suite that uses RSA, 256-bit AES_CBC, and SHA rsa_des_cbc_sha Cipher suite that uses RSA, DES_CBC, and SHA rsa_rc4_128_md5 Cipher suite that uses RSA, 128-bit RC4, and MD5 rsa_rc4_128_sha Cipher suite that uses RSA, 128-bit RC4, and SHA 重启https服务。 undo ip https enable ip https enable
防火墙这样规避了,我IMC是Windows的,能进这个命令行吗