Friends,
We have received Vulnerability scan report for our WS_FTP server and suggested below actions..
1. SSH Server CBC Mode Ciphers Enabled - Disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.
The following client-to-server Cipher Block Chaining (CBC) algorithmsare supported :
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
blowfish-cbc The following server-to-client Cipher Block Chaining (CBC) algorithms
are supported :
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
blowfish-cbc
cast128-cbc
2. SSH Weak MAC Algorithms Enabled - Disable MD5 and 96-bit MAC algorithms
The following client-to-server Message Authentication Code (MAC) algorithms are supported :hmac-md5
hmac-md5-96
hmac-sha1-96
The following server-to-client Message Authentication Code (MAC) algorithms are supported :
hmac-md5
hmac-md5-96
hmac-sha1-96
No Proper steps or Instructions are available on Internet regards to these two points, could you please suggest...
Regards,
SH,