For splunkd on the indexer you can set a value in the server.conf file as such:
allowSslCompression = false
Is there an ability to do this for splunkweb?
There doesn't seem to be a setting to disable ssl Compression in web.conf
server.conf is for a general splunk server. It should apply to both indexers and searchheads, imo.
You can run btool on the search head to determine what the current setting is: /opt/splunk/bin/splunk cmd btool --debug server list
EDIT:
You might like this: http://www.georgestarcher.com/?p=674
. This might be relevant: http://answers.splunk.com/answers/65218/splunk-shows-vulnerable-to-cve-2012-4929-in-my-nessus-vulner...
server.conf is for a general splunk server. It should apply to both indexers and searchheads, imo.
You can run btool on the search head to determine what the current setting is: /opt/splunk/bin/splunk cmd btool --debug server list
EDIT:
You might like this: http://www.georgestarcher.com/?p=674
. This might be relevant: http://answers.splunk.com/answers/65218/splunk-shows-vulnerable-to-cve-2012-4929-in-my-nessus-vulner...
You might like this: http://www.georgestarcher.com/?p=674
. This might be relevant: http://answers.splunk.com/answers/65218/splunk-shows-vulnerable-to-cve-2012-4929-in-my-nessus-vulner...
I see what you're saying, I guess I should have been more specific, our vulnerability scanner is picking up a finding on the Splunk Web Interface accessible via 443 that SSL/TLS compression is enabled - behind the scenes I know CherryPy is running - and from what I can tell you can't tell it to stop using SSL Compression.
Title should be SSL compression but the Captcha keeps failing for some reason