PCI Compliance - Drop hackable Cipher

Could you please drop the OLD RC4 cipher that all PCI compliance server scanners will fail on when the GlassWire remote server is operational. Sorta dangerous to have a method of communication that is so hackable, especially when the data being communicated is firewall related.

Drop: TLS_DH_anon_WITH_RC4_128_MD5 - F

Also please consider changing the port used for communication, as it’s a common port used by trojan viruses, so many customers will freak out for years to come because your software can quickly be labeled a trojan just because of the port you picked.

PORT: 7007

Thanks :slight_smile:

3 Likes

@HelpMeGuys

We enumerate RC4 as an option between the service and the UI on your PC only. This connection is never used for any network activity outside your PC. We didn’t realize it causes problems with PCI scanners, so we will remove it as an option. Thanks for your report.

About the port… we will investigate.

1 Like
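The fix described in the reply above, as an added example that is not GlassWire's code: an audit of the suite names a scanner reports (the suite on this thread plus two constructed entries) and an OpenSSL-backed `ssl` context whose cipher string excludes anonymous key exchange, RC4 and MD5, with a check that nothing weak is left in what the context would offer. The cipher string and the scanner list are assumptions, not configuration from the page.

```python
import ssl

# Constructed scanner output: the suite flagged on the thread plus two
# examples of what a typical scan also lists (not taken from the page).
SCANNER_REPORT = [
    "TLS_DH_anon_WITH_RC4_128_MD5",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
]

def weak_reasons(suite):
    """Why an IANA-named suite fails a PCI-style check (empty list: no finding)."""
    reasons = []
    if "_anon_" in suite:
        reasons.append("anonymous key exchange: no server authentication")
    if "RC4" in suite:
        reasons.append("RC4 stream cipher: prohibited by RFC 7465")
    if suite.endswith("_MD5"):
        reasons.append("MD5-based MAC: deprecated hash")
    if "_EXPORT_" in suite or "NULL" in suite:
        reasons.append("export-grade or NULL cipher")
    return reasons

def audit(report):
    """Map each weak suite in a scanner report to its findings."""
    return {s: weak_reasons(s) for s in report if weak_reasons(s)}

# Assumed hardened OpenSSL cipher string: forward-secret AEAD suites only,
# and explicit exclusions so a library default can never re-add the suite.
HARDENED_CIPHERS = (
    "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL:!RC4:!MD5:!EXPORT"
)

def hardened_context():
    """Server-side context a service/UI listener could use instead of RC4."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(HARDENED_CIPHERS)
    return ctx

def leftover_weak(ctx):
    """Names of suites the context would still offer that violate the policy.

    Uses OpenSSL's own description line (e.g. 'Au=None', 'Enc=RC4(128)',
    'Mac=MD5') so the check does not depend on the IANA naming scheme.
    """
    bad = []
    for c in ctx.get_ciphers():
        desc = c["description"]
        if "Au=None" in desc or "Enc=RC4" in desc or "Mac=MD5" in desc:
            bad.append(c["name"])
    return bad
```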

I forgot that you can change the port to whatever you want.

2 Likes

Glad to hear you will remove the RC4 cipher, and again I would suggest you just change the default port to something other than 7007. Yes, people can change it, but just like you forgot, the customer will as well, and having a clean port that is not associated with a couple of trojan viruses is better for business.

When someone fails a security scan you research WHY a port may be open, and the research will point to a virus. You don’t want your product or brand mapped to this if you can control it, agreed?

The really smart guy will find that port 7007 is linked to either audio or video products, which may be installed on a machine. You don’t want to enter a conflict situation, and I’m sure this is WHY you allow the port to be changed in the first place. Thanks for considering :slight_smile:

I did try to post here a couple of links to where the port is associated with viruses, but being a new guy on the block, this site does not allow me to publish links.

When will the RC4 cipher be dropped on the next release?

@HelpMeGuys

Yes, I think it will be dropped on the next release unless we run into an unexpected problem.

I am not sure when we will change the default port because a lot of our users are using the remote GlassWire feature and if we change the port suddenly all our customer connections will fail with the update.

For anyone who is interested, you can search a number of databases by application (e.g. Wireshark, “network monitor”). You’ll find a number of major network monitors are not listed (or officially registered) and those that are are often on ports associated with malware.

Maybe GlassWire should register a port with the IANA but I note that products like PRTG are not registered, use ports associated with malware, and use unassigned port numbers:

http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml

1 Like