[Zeek] Bro 2.5/2.6 on FIPS-enabled Host
Stephen Neyens
neyens.s at gmail.com
Tue Feb 5 04:46:02 PST 2019
Johanna,
Thank you. This has put me in the right direction.
- Stephen
> On Feb 5, 2019, at 05:01, Johanna Amann <johanna at icir.org> wrote:
>
> Hi Stephen,
>
> a pull request about this was actually just merged; see https://github.com/zeek/zeek/pull/232 and https://github.com/zeek/zeek/pull/255.
>
> This will be in the 2.7 version once it is released. For 2.6 and earlier, the easiest is probably to set the magic “MD5 is allowed” environment variable that most distributions that I know offer and to note in your security policy that this is ok because Zeek does not use MD5 for security, only to output hash information.
>
> Johanna
>
>> On 5 Feb 2019, at 11:03, Stephen Neyens wrote:
>>
>> I have tried my Google-fu far and wide, but I have not found a
>> solution yet to operate Bro on a FIPS-enabled host. When FIPS is
>> enabled via the kernel, Bro refuses to start because of its use of
>> MD5. Any assistance in the matter would be appreciated.
>>
>> - Stephen
>> _______________________________________________
>> Zeek mailing list
>> zeek at zeek.org
>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/zeek
More information about the Zeek
mailing list