So I have this host that I've ran previous scans on, and those scans warn about the host using
TLS_RSA_WITH_3DES_EDE_CBC_SHA
which should be vulnerable to the ROBOT attack, no?
At this moment I have an active https connection to this host, and Firefox ESR also warns about the site using weak encryption, more specifically:
Broken Encryption(TLS_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS 1.0)
So it seems the site really is using TLS_RSA encryption, however when I run the robot-detect tool, this is the response:
Cannot connect to server: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076)
Server does not seem to allow connections with TLS_RSA (this is ideal).
What is actually going on here?
So I have this host that I've ran previous scans on, and those scans warn about the host using
TLS_RSA_WITH_3DES_EDE_CBC_SHA
which should be vulnerable to the ROBOT attack, no?
At this moment I have an active https connection to this host, and Firefox ESR also warns about the site using weak encryption, more specifically:
Broken Encryption(TLS_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS 1.0)
So it seems the site really is using TLS_RSA encryption, however when I run the robot-detect tool, this is the response:
Cannot connect to server: [SSL: UNSUPPORTED_PROTOCOL] unsupported protocol (_ssl.c:1076)
Server does not seem to allow connections with TLS_RSA (this is ideal).
What is actually going on here?