@Site Admin
Thanks for your efforts.
There a two questions:
1. If you know wthat's happening, why don't you help your users and provide a workaround in Filezilla?
2. Can you explain, why this is not happening, when disabling TLS 1.2 on the server AND change cipher suite priority to
TLS_RSA_WITH_RC4_128_SHA on top of the list of the server? Looks like there are some more problems.
PS: Documentation for TLS configuration of Windows
http://blogs.msdn.com/b/kaushal/archive/2011/10/03/taming-the-beast-browser-exploit-against-ssl-tls.aspx
http://www.burbageitsolutions.com/blog/2012/6/11/mitigate-the-beast-attack-in-iis-75-for-microsoft-server-200.html
https://www.nartac.com/Products/IISCrypto/
Thanks in advance
Joerg
Quote:
This definitely is a server problem, I managed to reproduce it using FileZilla and both the GnuTLS and OpenSSL command-line clients.
Thanks for your efforts.
There a two questions:
1. If you know wthat's happening, why don't you help your users and provide a workaround in Filezilla?
2. Can you explain, why this is not happening, when disabling TLS 1.2 on the server AND change cipher suite priority to
TLS_RSA_WITH_RC4_128_SHA on top of the list of the server? Looks like there are some more problems.
PS: Documentation for TLS configuration of Windows
http://blogs.msdn.com/b/kaushal/archive/2011/10/03/taming-the-beast-browser-exploit-against-ssl-tls.aspx
http://www.burbageitsolutions.com/blog/2012/6/11/mitigate-the-beast-attack-in-iis-75-for-microsoft-server-200.html
https://www.nartac.com/Products/IISCrypto/
Thanks in advance
Joerg
