×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Ciphers is one of those things that it is critical to know what version of
the OS you are running.
There are two parts:
One, what ciphers do we support?
Two, what ciphers are actually consumed?
This is how they relate. Let's say you had a cipher called
*EASILY_HACKED. Your auditors may want you to shut that one down. But
you may have a concern if some vendor or something might be using that. So
that's where the second question comes into play.
Now, from the 10,000 foot view, there are ways to see both.
Going back to your post...
You had a question if your PCI scanner calls it DES-CBC3-SHA while IBM may
call it something else, like RSA_3DES_EDE_CBC_SHA.
The red flag I see from your scanner is CBC3. I would think that it
should be 3DES-CBC so your concern is probably valid.
Some google searching for DES-CBC3-SHA shows hits but shuts right down if
you add "IBM i"
See also:
"How to determine what System SSL/TLS protocols and cipher suites are used
on the system"
http://www.ibm.com/support/knowledgecenter/en/ssw_ibm_i_73/rzain/rzainhowtoprotocipher.htm?view=kc
Rob Berendt
midrange.com
