Disabling RC4 encryption and enabling TLS for web access Zone director

  • 1
  • Question
  • Updated 2 years ago
  • (Edited)
Hi Experts ,

During security audit it is reported that ZD is using RC4, CBC. How to disable them and enable TLS 1.2 and CTR encryption suites. the version is 9.5.2.0
Photo of Tamilselvam P

Tamilselvam P

  • 3 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of John D

John D, AlphaDog

  • 497 Posts
  • 137 Reply Likes
You can do slightly better by upgrading your ZoneDirector to a more recent firmware. On 9.10, I'm seeing it connecting with TLS 1.2 and AES-128-GCM. Still considered obsolete these days, but way better than RC4-CBC and probably will pass your audits.
Photo of Tamilselvam P

Tamilselvam P

  • 3 Posts
  • 0 Reply Likes
Thanks Mr.John , The telnet server in this ZD is using version less than Dropbear SSH 2013.59. How Can I upgrade the same?
Photo of John D

John D, AlphaDog

  • 497 Posts
  • 137 Reply Likes
Yep. On 9.10:

debug1: Remote protocol version 2.0, remote software version dropbear_2014.63