• Support
  • Forums
  • Blogs

Configuration changes to remediate Sweet32 vulnerability are reverted after reboot

Oz_GOz_G

New Life Form



I am trying to
remediate Sweet32 vulnerability by editing the
: /etc/apache2/sites-enabled/alienvault-ssl.conf
file.



My changes are adding  :!DES-CBC3-SHA
at the end of the SSLCipherSuite line in the
alienvault-ssl.conf file and restarting the Apache2
service.



After the
change the Ossim server shows as clean in my Nessus scan, but, after rebooting
the host the changes are gone.



The Ossim
server is reverting the changes automatically after each reboot I do.



How can I disable
this auto-configuration revert ?



Thank you,




Share post:

Answers

  • Oz_G,

    The issue is that the unit needs to update that configuration file as part of it's ossim-reconfig, which overwrites your changes on any configuration changes or reboots.

    We have a defect filed on this vulnerability and are working to have it added to the next available update installed, which will permanently resolve the issue. In the interim, the changes will need to be reapplied after a reboot or other reconfig scenario.

    We will update this post when the fix is available.
  • Hello kcoe,

    I am still seeing these breaches on the Ossim host and now the OpenVAS portionof Ossim is showing for same breaches at port 9391.
    Any estimation on fixing date ?
    Thank you,

    Oz
Sign In or Register to comment.