Wednesday, November 27, 2024
HomeComputerWindows

Fixing “RC4 Cipher Suites Supported” in HP System Management Homepage

Bastian
By Bastian
0
1561

Abstract: If you scan your fresh new HP Server via a vulnerability scan (e.g Nessus) you might get a “RC4 Cipher Suites Supported” on Port 2381, how can this vulnerability be fixed?

Solution:

1.) At first it might be, that you restricted the possible cipher in the past via the fix here from the year 2012. So the first step is to edit “C:/hp/hpsmh/conf/smhpd.xml” via notepad and search for “ssl-cipher-suite” you might find something like:

<ssl-cipher-suite>RC4-SHA</ssl-cipher-suite>

if this is the case remove the whole “<ssl-cipher-suite>RC4-SHA</ssl-cipher-suite>” block. The problem here is that RC4 was fine in the year 2012, but since some days passed now its not that secure any longer (see for example this link).

2.) Restart the HP System Management Homepage

3.) Start a new CMD (run as admin) switch to the HP folder:

cd C:\HP\hpsmh\bin

and run the following command:

smhconfig.exe -Z ALL:!ADH:!EXPORT56:!EXPORT40:!DES-CBC3-SHA:!RC4-MD5:!RC4-SHA:!RC4+RSA:+HIGH:+MEDIUM:-SSLv2:-SSLv3:+EXP:!LOW:!eNULL:!aNULL

This will disable the triple DES and RC4 cipher and will only left the following in place:

Starting Nmap 6.49BETA5 ( https://nmap.org ) at 2015-10-12 10:24 W. Europe Daylight Time
Nmap scan report for xxxxxxxxxx (xxxxxxxxxxxxxxxxxxxxx)
Host is up (0.016s latency).
rDNS record for xxxxxxxxxxxxxx: xxxxxxxxxxxxxxxxxxxxxxxxxxx

PORT     STATE SERVICE
2381/tcp open  compaq-https
| ssl-enum-ciphers: 
|   TLSv1.2: 
|     ciphers: 
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ec 256) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ec 256) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ec 256) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ec 256) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: client
|     warnings: 
|       Weak certificate signature: SHA1
|_  least strength: A

Nmap done: 1 IP address (1 host up) scanned in 3.00 seconds

Keep noted that you might need to adjust that also on your HP management server! Otherwise it might happen that you break the connection.

Previous article
Install Debian 8.x (Jessie) on VMWare
Next article
Windows OS Hardening: “Windows NetBIOS / SMB Remote Host Information Disclosure”
Bastian
Bastian

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Stay Connected

35FollowersFollow
- Advertisement -

Latest Articles

Load more

Newspaper is your news, entertainment, music fashion website. We provide you with the latest breaking news and videos straight from the entertainment industry. Fashion fades, only style remains the same. Fashion never stops. There are always projects, opportunities. Clothes mean nothing until someone lives in them.

Contact us: contact@yoursite.com

© Copyright - Admin Enclave