Juniper's SSL VPN continues to baffle me by doing inexplicably weird things. For example, you can tell it not to use weak ciphers, which is good. But it doesn't actually shut them off. It continues to let you negotiate an SSL session with weak ciphers, but then the SSL VPN itself gives you an error message: "This site requires Strong ciphers. Please upgrade your browser."
Ok, so maybe that's kind of user friendly, but I wouldn't be surprised if it was exploitable as well.
Thursday, June 10, 2010
Saturday, June 5, 2010
Subscribe to:
Posts (Atom)
