3. Vulnerability Scans & Outdated/Weak Ciphers for SSL/early TLS Versions - Is ...

Vulnerability Scans & Outdated/Weak Ciphers for SSL/early TLS Versions - Is Disabling The Web Interface and Opting for SSH-only management the solution?

  1. So all of the devices do support SSH, I just wanted to be sure that if I enable SSH and disable the web interface that I wont still be in the same predicament. Does SSH use weak ciphers as well? Sorry, I am still a bit confused on the underlying technology involved in how SSH is secured, versus SSL/TLS.

  2. To your second point, forward thinking to a time in the future if I ever have strict compliance policies that I need to follow: If I HAD to keep the web interface enabled, is putting the device on a separate VLAN and an ACL limiting access to said web interface enough to move the device itself out of scope even if endpoints plugged into it are in scope (for example, a network switch)?

Thank you so much

/r/networking Thread Parent
Previous
Next

Recently removed from /r/networking

How to keep 2 identical IP addresses on the same network and make it work (temporary) VLAN design/safety sanity check DMVPN Dual ISP Redundancy I'm a software engineer at a major networking vendor. Is there an alternate to RDP (Remote Desktop) when simply needing to connect to a localhost via VPN Cisco 891 Networking | network-policy traffic shaping Troubleshooting tools for remote VPN Users I'm not sure if it's lack of terminology that's holding me back from finding any specifics but I'm unsure why I cannot ping a router through L3 Etherchannel. Good optical fiber and sFP transceiver type for DIY termination? Automation has spooked me and i feel sticking to technical line will make us less vulnerable. What's your opinion? Are there any side hustles being a network engineer? Do you constantly have to prove the networks innocents? Firepower rant How do you survive in networking if you are a colour blind? Performing a technical interview

More Random Comments

My Dog Hates My Boyfriend - Please Help My world is a ship, how does my layout/breakdown/description of its interior sound? [cw] Write a story that has nothing to do with time travel, aliens, God, the devil, spies, death, Hitler, war, AI, Harry Potter, outer space, the fate of humans ELI5: Do computer programmers typically specialize in one code? Are there dying codes to stay far away from, codes that are foundational to other codes, or uprising codes that if learned could make newbies more valuable in a short time period? limited budget-gamer's opinion needed 300-year-old Chinese abacus ring was used during the Qing Dynasty to help traders. Looking to join T10/Level 100 Robocraft clan Invictus Rex? Redditors, where do you want to live? Redditors who live there, why should they not want to live there? How did/do you manage to build up a vinyl collection of your taste without spending a fortune? What... in the world is the logic behind the PECL_HTTP RFC? Thanks TB for showing Leigh Alexander the way to some humbleness Is my [20/M] thinking irrational, or do I actually have a reason to be upset at my girlfriend [19/F]? People with siblings, how was your relationship with your brother/sister as a child, and how is your relationship now? I don't know how to be happy. [WP] Nothing happens