Disabling RC4 encryption and enabling TLS for web access Zone director
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2015 01:40 AM
Hi Experts ,
During security audit it is reported that ZD is using RC4, CBC. How to disable them and enable TLS 1.2 and CTR encryption suites. the version is 9.5.2.0
During security audit it is reported that ZD is using RC4, CBC. How to disable them and enable TLS 1.2 and CTR encryption suites. the version is 9.5.2.0
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2015 10:02 AM
You can do slightly better by upgrading your ZoneDirector to a more recent firmware. On 9.10, I'm seeing it connecting with TLS 1.2 and AES-128-GCM. Still considered obsolete these days, but way better than RC4-CBC and probably will pass your audits.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2015 09:20 PM
Thanks Mr.John , The telnet server in this ZD is using version less than Dropbear SSH 2013.59. How Can I upgrade the same?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2015 10:35 PM
Yep. On 9.10:
debug1: Remote protocol version 2.0, remote software version dropbear_2014.63
debug1: Remote protocol version 2.0, remote software version dropbear_2014.63

