Vulnerability check against vApp 14.0.1 (Product used to check called IP360 (https://www.tripwire.com/products/tripwire-ip360/))
reported two vulnerabilities in CentOS:
(1) Vulnerability at port 22, which refers to the ssh service:
sudo vim /etc/ssh/sshd_config
sudo service sshd restart
In the file /etc/ssh/sshd_config add or change and restart the service ssh
MACs hmac-sha1,hmac-ripemd160
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
------------------------
(2)The other vulnerability is in port 443, needs to change two parameter as follow:
In the file /etc/httpd/conf.d/ssl.conf add or change and restart de service httpd
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5:!RC4