Archive
Highlighted

Splunk using 8089 port for SSL Version 1 and 3 Protocol communication

New Member

As the security search report,Security team find out port 8089 had a some of the security issue here.

alt text

How I can disable SSL 2.0 and 3.0 using TLS1.1 or higher instead.

Tags (1)
0 Karma
Highlighted

Re: Splunk using 8089 port for SSL Version 1 and 3 Protocol communication

Motivator

Hello @soralai,

you can use sslVersions = tls1.1, tls1.2 or even sslVersions = tls1.2 in web.conf, server.conf and inputs.conf, but first check that your whole splunk environment support it. This usually means you're using a recent splunk version everywhere and all middleboxes inbetween (firewalls, IPS, etc.) supports TLS 1.1/1.2, it is especially the case if the TLS splunkd connections are terminated and inspected.

https://docs.splunk.com/Documentation/Splunk/8.0.3/Security/SetyourSSLversion

0 Karma