This perl script came up in Google from: www.linux-advocacy.org/wp-content/uploads/2008/07/psa-pci.pl
Not quite sure who the author of that code was/is.
Entries from August 2008
PSA/Plesk PCI perl script
August 28th, 2008 · No Comments
Tags: Linux · Operating System
PCI scan picking up various weak cipher suites
August 22nd, 2008 · No Comments
The PCI scans appear to be picking up some weak cipher suites on HTTPS, POP3S, IMAPS and SMTPS. This is easily fixed with the following configuration file examples:
Apache ssl.conf (or httpd.conf ):
#SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
#SSLCipherSuite ALL:-ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLCipherSuite ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLProtocol -ALL +SSLv3 +TLSv1
If using courier for imap & pop3 the imapd-ssl and pop3d-ssl files will need updating in /etc/courier-imap, [...]
Tags: Linux · Operating System