NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
is disabling SSL2 + 3 possible on GS752TPv2
Hi all, Is it possible to disable SSL2 and 3 on GS752TPv2??We have a Nessus vulnerability scan highlighting that this switch is using unsecure SSL version. Thx Ronnie
True that clients would try highest protocol and crypto first but i guess someone wanting to exploit ssl2 and 3 vulnerability would find a way to force that protocol.
But i take it is not possible?
Sure one could force the protocol to be used on the client side, then e.g. login, while capturing the data transferred - what require again physical access to the data path. So how real is that in your environment? Do you access the switch using https in plain connection mode (off a VPN) over the wild Internet or an uncontrolled connection?
Look, I don't deny these obsolete stuff must be removed (not just disabled)... YeZ please, what is the status for updating al the maintained switches supporting https?
We dont access this off network. we only access this from the local site or via the VPLS network.
So you have the answer for the scan or audit result - it's not green (Netgear has to change this....), but it's acceptable until remediation is available.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
