Page 1 of 1
tls 1.0/1.1 and ssh cbc cipher disabled ?
Posted: Thu Oct 19, 2023 11:47 am
by Overmind
Hi,
is there a possibility to disable tls 1.0/1.1 for (https) access on the Wtware web interface as well as to disable cbc cipher for (ssh) access?
These have been noticed negatively during internal network-scans and are considered to be security critical.
with kind regards
Overmind
Re: tls 1.0/1.1 and ssh cbc cipher disabled ?
Posted: Thu Oct 19, 2023 2:15 pm
by akatik
WTware https web interface accepts SSLv2 (older than tls 1.0) for years because of ancient wget.exe using in windows scripts. No one was worried. Until this week. Now it's a problem for many people. What happened?
Please try this SD image, write on SD in native Raspberry Imager:
http://wtware.com/testing/202310170145/ ... ry.img.zip
If it pass network-scans, write me and we'll make a release build soon.
Re: tls 1.0/1.1 and ssh cbc cipher disabled ?
Posted: Tue Oct 24, 2023 10:39 pm
by aka
Please try wtware version 6.2.6.
Also, we have no ssh access.
Re: tls 1.0/1.1 and ssh cbc cipher disabled ?
Posted: Wed Nov 08, 2023 11:12 am
by Overmind
Disabling TLS 1.0/1.1 was successful, our security scans look better now, thanks
.
I will try again with the current version 6.2.6
akatik wrote: ↑Thu Oct 19, 2023 2:15 pm
WTware https web interface accepts SSLv2 (older than tls 1.0) for years because of ancient wget.exe using in windows scripts. No one was worried. Until this week. Now it's a problem for many people. What happened?
Please try this SD image, write on SD in native Raspberry Imager:
http://wtware.com/testing/202310170145/ ... ry.img.zip
If it pass network-scans, write me and we'll make a release build soon.