Project

General

Profile

action #27094

PFS Setup for Kopano

Added by flacco over 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
-
Target version:
Start date:
2017-10-28
Due date:
% Done:

100%

Estimated time:

Description

I've run a test scan with the vulnerability scanner OpenVAS against our invis-Server. As one result it shows that all Kopano services and cups are susceptible against the SWEET32 attack, caused by allowing the 3DES algorithem.

We have to exclude 3DES from the allowed cipher suites in this programs.

History

#1 Updated by ingogoeppert over 4 years ago

  • Category changed from 364 to Developement

#2 Updated by ingogoeppert over 4 years ago

  • Project changed from invis-server to invisAD-setup
  • Category deleted (Developement)
  • Target version deleted (13.1)

#3 Updated by flacco over 4 years ago

  • Target version set to 14.0

#4 Updated by flacco over 4 years ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 80

The 3DES algorithm is now excluded from kopanos ciphers in server, gateway and ical configuration.

Now we have to test it with clients like thunderbird and outlook.

#5 Updated by flacco about 4 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 80 to 100

The new setup is running on a few of our productive invis-servers. No problems yet. "Works for me"

Also available in: Atom PDF