How to secure a GMS/Analyzer Web Server Service against weak ciphers and other vulnerabilities
03/26/2020 1047 11913
If your GMS/Analyzer server is publicly accessible, securing the web server service against weak ciphers and/or other vulnerabilities may be needed. This article describes some basic steps to identify issues along with methods of mitigating such issues.
Identify if any vulnerabilities due to weak ciphers or other known vulnernabilities exist currently on your GMS/Analyzer server. The following utility can scan your web service by providing the server URL:
e) Save chages to the server.xml file and restart the GMS/Analyzer server
How to Test:
Re-scan using the SSL Analyzer utility you prefer and verify changes:
When GMS is installed on Windows, you may see a Vulnerability listed for - Secure Renegotiation (Client-initiated). This may not be fixed by applying changes in the article. Tomcat does not see this issue as a specific vulnerability and no specific fix is listed. For further info, refer to - http://tomcat.apache.org/security-7.html#Not_a_vulnerability_in_Tomcat