Page 1 of 1

How can I safely secure my appliance?

Posted: Tue Oct 03, 2017 8:23 am
by azedek
Hello,

We had a security assessment done and found that the Omniappliance has an SSH server configured to allow MD5 or 96-bit MAC algorithms. The remediation was to disable those algorithms. The X.509 certificate also had a key that was shorter than 2048 bits. The remediation was to replace the certificate in the chain with a longer key.

We have since upgraded from 9.2.0.20 to 10.1.3.5.

How do I safely resolve these issues? Any help will be appreciated. Thank you in advance.

Re: How can I safely secure my appliance?

Posted: Tue Oct 03, 2017 8:46 am
by DJWP
Since the Omnipliance runs a custom image and is not a standard Linux server, most of the vulnerabilities have little or no risk associated with them.

Every time we update the custom image, the latest Ubuntu version (with all appropriate security updates) are included at that time. We also post the latest results of our daily scans here:

https://mypeek.savvius.com/security_information.php

Re: How can I safely secure my appliance?

Posted: Thu Oct 05, 2017 7:12 am
by azedek
Thank you for your response. But, is there any way I can confirm that these specific vulnerabilities which were found in an earlier assessment are indeed gone or do they still persist. Or, how do I go about checking it for myself? Thank you again.

Re: How can I safely secure my appliance?

Posted: Tue Oct 10, 2017 9:26 am
by DJWP
You would need to run a Nessus scan on the network on which the Omnipliance was situated:

https://lifehacker.com/how-to-use-nessu ... 1788261156