Prevent TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32)
Our recent VA report shows that there are TLS/SSL Birthday attacks on 64-bit block ciphers possible on Kubernetes
Suggested solution is Configure the server to disable support for 3DES suite.
Our problems are :
- How to disable support for 3DES suite?
- How this configuration will affect to our running Kubernetes services?
- How to Configure the server to disable support for static key cipher suites?
Here suggest a way to access only API server to access, but I dont understand how to apply it for running kubernetes instance.
Any help, suggestions will be greatly appreciated.Also note, I am not an expert net admin.