Can't get RemoteControlGateway (RCG) to work through NAT (SR #373739)

 
Author
Message
SysAider
2
 
Hi everyone.

Yes, old thread, but new user

This thread has been very usefull because it exposes a fact that might be important, at least in a security perspective. The random port picked for RCG to establish a "secure" communication, is vulnerable due to weak ciphers.

nmap -sV --script ssl-enum-ciphers -p randomport SysAidServer

I've been searching at community if there is a feseable way of completely disable this feature if not used at all.

Using SysAid Server v14.1.07 b45 Enterprise Edition

As a workaround i think that setting this RCG port as fixed 10000 and at the os firewall blocking this port. Obviously not the right way but not vulnerable.

Hoping any help or comments on this.

Regards
SysAider
2
 
tetin20 wrote:Hi everyone.

Yes, old thread, but new user

This thread has been very usefull because it exposes a fact that might be important, at least in a security perspective. The random port picked for RCG to establish a "secure" communication, is vulnerable due to weak ciphers.

nmap -sV --script ssl-enum-ciphers -p randomport SysAidServer

I've been searching at community if there is a feseable way of completely disable this feature if not used at all.

Using SysAid Server v14.1.07 b45 Enterprise Edition

As a workaround i think that setting this RCG port as fixed 10000 and at the os firewall blocking this port. Obviously not the right way but not vulnerable.

Hoping any help or comments on this.

Regards


I've implemented a windows native portproxy solution that at least prevents the use of RCG



Hope this help someone still using this version