Hi i have some questions regarding webtool v6.30
I am curently using the Brocade SAN 5800 switches.
Recently there were some guy doin PENTEST to our switches.
They have found some vulnerabilty.
1)Can HTTP TRACE be disabled on the SAN Switch?
As webtool brocade switches uses a in-built web server, is it possible to configure it to disable HTTP TRACE?
2)Is there a new version of Apache for the SAN Switch?
3)Are stronger SSL Ciphers supported on the SAN Switch?
Apparently,from the test result it show that Weak Cipher is configure on my SAN switch.
ideally it should be 128 bits key.How do i configure it?
Accepted SSLv3 56 bits EDH-RSA-DES-CBC-SHAAccepted SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHAAccepted SSLv3 56 bits DES-CBC-SHAAccepted SSLv3 40 bits EXP-DES-CBC-SHAAccepted SSLv3 40 bits EXP-RC2-CBC-MD5Accepted SSLv3 40 bits EXP-RC4-MD5Accepted TLSv1 56 bits EDH-RSA-DES-CBC-SHAAccepted TLSv1 40 bits EXP-EDH-RSA-DES-CBC-SHAAccepted TLSv1 56 bits DES-CBC-SHAAccepted TLSv1 40 bits EXP-DES-CBC-SHAAccepted TLSv1 40 bits EXP-RC2-CBC-MD5Accepted TLSv1 40 bits EXP-RC4-MD5
Apache and other Features/Applications, are part in FOS Package.
you can find details about the release in Brocade OSCD
-->> As webtool brocade switches uses a in-built web server, is it possible to configure it to disable HTTP TRACE?
No. however you van disable the http service, but keep in mind in suche case the webtools is not londer available.
Is there a new version of Apache for the SAN Switch?
yes, I would suggest to upgrade to new FOS release, because v6.3.0 is EOS