General Discussion The Security Impact of HTTPS Interception

UTM Firewall requires membership for participation - click to join

Thread Info

Locked Locked
Replies 3 replies
Subscribers 7 subscribers
Views 4916 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

The Security Impact of HTTPS Interception

Alexander Busch over 8 years ago

Maybe interesting for someone:

Sophos is listed on page 5 Fig. 3

Best regards

Alex

This thread was automatically locked due to age.

Alexander Busch over 8 years ago

In addition it seems possible to remove RC4 for UTM Proxy, see

Anybody done this and happy with it?
Cancel
Vote Up 0 Vote Down

Cancel
PeterMarquis1 over 8 years ago

Just checked what i get from the web appliance and its a little scary, top available suites are secure, but it gives 56 with the last one being TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0xff) not good.

Is there a method that works on the WS web appliances to switch off RC4 and SHA1 and any other suspect Protocols.
Cancel
Vote Up 0 Vote Down

Cancel
darrellr over 8 years ago in reply to Alexander Busch

I set mine as directed in the KB article, but still supported 3DES ciphers, so still a C rating via ssl-enum-ciphers (nmap script). I added !3DES to the list but it does not seem to have disabled 3DES as it still shows up. The RC4 is gone, though.
Cancel
Vote Up 0 Vote Down

Cancel