Weak Diffie-Hellman and the Logjam Attack

Questions and answers for all installation-related topics for Servoy products

Weak Diffie-Hellman and the Logjam Attack

Postby maurice1471270175 » Mon Aug 15, 2016 4:28 pm

Hi,

Is there someone who has experience with implementing/configuring tomcat against; Diffie-Hellman and the Logjam Attack https://weakdh.org/ https://weakdh.org/sysadmin.html
There is a section "Apache Tomcat" (2nd URL) which describes what ciphers to add in the server.xml but i really don't have a clue what to do with the dhparams.pem generated in the first step and how to implement it in tomcat/keystore?

Any ideas?

Thanks...
Maurice Meijer
STB Zorg
maurice1471270175
 
Posts: 2
Joined: Mon Aug 15, 2016 4:09 pm

Re: Weak Diffie-Hellman and the Logjam Attack

Postby maurice » Wed Aug 17, 2016 11:07 am

I solved it using the right set of ciphers. went from F to an A rating :)
Maurice Meijer
Stb Zorg
SAN Partner

Stb Zorg - http://www.stb.nl
User avatar
maurice
 
Posts: 25
Joined: Fri Sep 12, 2008 8:29 am

Re: Weak Diffie-Hellman and the Logjam Attack

Postby Peter de Groot » Wed Aug 17, 2016 2:20 pm

maurice wrote:I solved it using the right set of ciphers. went from F to an A rating :)


Guru :D
Servoy 7.3.x || 7.4.x

NEM ENERGY BV
Peter de Groot
 
Posts: 207
Joined: Thu Jan 10, 2008 8:38 pm
Location: Has been compromised :-/

Re: Weak Diffie-Hellman and the Logjam Attack

Postby svisser1448437380 » Mon Aug 22, 2016 10:52 am

I installed Nginx as reverse proxy in front of the application server and put all security in there. I also use this to block the /servoy-admin and /servoy-client pages for the public access.
saNder Visser
IT2serve
Servoy 7.4.7 / Windows 8.1
User avatar
svisser1448437380
 
Posts: 10
Joined: Wed Nov 25, 2015 9:43 am
Location: Zoetermeer, Netherlands


Return to Installation

Who is online

Users browsing this forum: No registered users and 3 guests

cron