[Openswan Users] Security Auditors wish for OpenSwan, get weak IKE/ESP policies out of list
tleslie
tleslie at tcn.net
Thu Aug 23 15:02:10 EDT 2007
I am having a security audit done,
and I use openswan,
the auditor looked at the barf of openswan
and saw weak policies there.
How can i get rid of the weak ones from even showing in barf,
can i force a policy,
does ike=.... and esp=.... force it, or just a strong recommendation.
security auditors can be picky ..... :(
auditor basically says, if its in there, even if 99.99999999999999999%
never get used (i.e. single des) dont even allow it to be in there.
any thoughts anyone?
Paul, awesome TLLTS podcast by the way! thanks! hope you were still able
to get beer at the end !!! :)
-tl
More information about the Users
mailing list