Thursday, June 10, 2010

Juniper SSL VPN - SSL cipher suites

Juniper's SSL VPN continues to baffle me by doing inexplicably weird things. For example, you can tell it not to use weak ciphers, which is good. But it doesn't actually shut them off. It continues to let you negotiate an SSL session with weak ciphers, but then the SSL VPN itself gives you an error message: "This site requires Strong ciphers. Please upgrade your browser."

Ok, so maybe that's kind of user friendly, but I wouldn't be surprised if it was exploitable as well.

1 comment:

historypak said...

This is highly informatics, crisp and clear. I think that everything has been described in systematic manner so that reader could get maximum information and learn many things. vpn service