[THIN] Web Interface / Secure Gateway / Beast Vulnerability / RC4 & RC2 Ciphers

  • From: Stephen Rogers <Stephen.Rogers@xxxxxxxxxxxxxxxx>
  • To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
  • Date: Tue, 24 Sep 2013 16:38:41 +0100

Hi,

Has anyone got any experience with the above ?

I ran the report from SSL Labs and I am being asked to disable all RC4 & RC2 
ciphers, disable SSL 2.0 in IIS and enable strong ciphers

I don't want to break our Citrix Web interface and just wondered if anyone had 
attempted any of the above in order to mitigate against the BEAST vulnerability.

We run Citrix Xen App 6.5 2008 R2

Web interface 5.4.0 & Secure Gateway 3.2.0

The first thing I will do is upgrade to CSG 3.3 and I believe there is also a 
hotfix 3.3.1 which may address some of the vulnerabilities.

I think I can just upgrade my existing CSG by running the 3.3 install ??

Any help or information appreciated regarding the above and possible ways 
around this problem.

Thanks in advance,

Steve



Other related posts: