
Security scanner shows a "BEAST attack" or "RC4 weakness" vulnerability for PRTG web server

Votes:

0

What is this? What can I do? What will Paessler do?

security ssl web-server

Created on May 6, 2013 9:46:43 AM by  Dirk Paessler [Founder Paessler AG] (11,025) 3 6

Last change on May 6, 2013 1:38:46 PM by  Dirk Paessler [Founder Paessler AG] (11,025) 3 6



1 Reply

Accepted Answer

Votes:

0

BEAST Attacks and RC4 Problems

SSL is currently afflicted with several security problems. The first one is the so-called "BEAST" attack, a problem known for years, but only lately was an exploit found.

This "BEAST" attack is mainly applied on the client side (a.k.a. the web browser), and all major vendors have already fixed this except Apple (Safari).

The only approach to fix this on the server side (i.e. the PRTG web server) is to:

  • either use TLS 1.1+
  • or drastically reduce the offered ciphers to RC4-based ones.

Due to third-party components used by PRTG we currently cannot support TLS 1.1+.

So we have adjusted the "supported cipher list" to support only "SSLv3 128 bits RC4-SHA" in version 13.x.5 or later (available tomorrow morning in the Canary channel). This cipher is supported by all major web browsers.

Unfortunately the RC4 cipher is afflicted with problems too, but there are no practical exploits yet. So it is safe to use - for now. We will monitor the situation and follow the "best practices" recommended by the security experts.

More on the BEAST attack: https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls

More on the RC4 weakness: https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is-broken-now-what

Created on May 6, 2013 9:51:43 AM by  Dirk Paessler [Founder Paessler AG] (11,025) 3 6

Last change on May 6, 2013 2:12:44 PM by  Greg Campion [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.