security.operat
Not applicable
Message 1 of 8

how to remediate SSL/TLS use of weak RC4 cipher

Can anyone help us with a vulnerability found in McAfee Web Gateway version 7.6.2.6.0 for SSL/TLS use of weak RC4 cipher over TCP port 9393? This comes from the scan report of the tool available to us, i.e. Qualys Scan.

7 Replies
Reliable Contributor asabban
Message 2 of 8

Re: how to remediate SSL/TLS use of weak RC4 cipher

Hello,

By default there is no service on port 9393 on the MWG installation. Are you running the UI or Proxy Port on that port?

Best,

Andre

security.operat
Not applicable
Message 3 of 8

Re: how to remediate SSL/TLS use of weak RC4 cipher

Hello Andre,

No, we are not using this service for the UI or proxy port; we already have a separate port for UI & proxy.

goldenvxr
Not applicable
Message 4 of 8

Re: how to remediate SSL/TLS use of weak RC4 cipher

Are you using the MWG as a reverse or forward proxy?

security.operat
Not applicable
Message 5 of 8

Re: how to remediate SSL/TLS use of weak RC4 cipher

It's a forward proxy.

Reliable Contributor asabban
Message 6 of 8

Re: how to remediate SSL/TLS use of weak RC4 cipher

Hello,

As mentioned, port 9393 is not a port that is opened by default on MWG. That means I don't know what service is listening on that port. That means I cannot tell how to configure SSL settings for this port, as I don't know what is listening on that port.

If you have not configured the port yourself somewhere in the configuration, you could run "netstat -tlpen" via SSH to display all opened ports and the process which has opened the port. This might help to find more details.

Best,

Andre

McAfee Employee jscholte
Message 7 of 8

Re: how to remediate SSL/TLS use of weak RC4 cipher

Hi!

might kick himself on this one.

ASC (Active System Console) listens on port 9393.

This is deprecated functionality and is no longer maintained. All of the features that ASC provided (hardware monitoring) are now possible in MWG natively as of 7.6.0 (Web Gateway 7.6.0 Release Notes - PD26143).

To disable ASC, go to the command line on each appliance and type: asc-disable

This will turn it off.

If you are still using ASC for notifications and alerts, I suggest you check out this article:

Best Regards,

Jon

Reliable Contributor asabban
Message 8 of 8

Re: how to remediate SSL/TLS use of weak RC4 cipher

Ha! Thank you! Absolutely makes sense... I didn't even think about the management software and was just searching for this port on my VM. Shame on me :-)

Best,

Andre
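
The `netstat -tlpen` check from message 6, reused to confirm that nothing listens on port 9393 after `asc-disable` from message 7, as an added example that is not part of the original thread. The sample netstat output and the process name `example-svc` are constructed, and `listeners_on_port` and `port_is_closed` are hypothetical helper names.

```sh
#!/bin/sh
# Constructed sample of `netstat -tlpen` output (not captured from a real appliance).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          11873      1042/sshd
tcp        0      0 0.0.0.0:9393            0.0.0.0:*               LISTEN      0          20411      2210/example-svc
tcp6       0      0 :::9090                 :::*                    LISTEN      0          20977      -
EOF
}

# listeners_on_port PORT: read `netstat -tlpen` output on stdin and print
# "<local address> <pid/program>" for every TCP listener on PORT.
listeners_on_port() {
    awk -v want="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")   # port follows the last colon (IPv4 and IPv6)
            if (part[n] != want) next
            owner = $9                 # program names may contain spaces
            for (i = 10; i <= NF; i++) owner = owner " " $i
            if (owner == "-" || owner == "")
                owner = "unknown (run as root to see the PID)"
            print $4, owner
        }'
}

# port_is_closed PORT: succeed only when stdin shows no listener on PORT.
port_is_closed() {
    [ -z "$(listeners_on_port "$1")" ]
}

# Demo on the constructed sample. On the appliance, pipe the live output instead:
#   netstat -tlpen | listeners_on_port 9393
sample_netstat | listeners_on_port 9393
```

After disabling the service, `netstat -tlpen | port_is_closed 9393` should succeed on each appliance, and a rescan should no longer report the RC4 finding on that port.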
