Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

The remote service allows repeated renegotiation of TLS / SSL connections.

BastianW
Path Finder
‎07-24-2012 08:34 PM

Our Nessus scan is currently mention the following issues for a service running on port 8089 (which is the splunk forwarder). The complete issue is:

*Synopsis:
The remote service allows repeated renegotiation of TLS / SSL connections.



Description
:
The remote service encrypts traffic using TLS / SSL and permits clients to renegotiate connections. The computational requirements for renegotiating a connection are asymmetrical between the client and the server, with the server performing several times more work. Since the remote host does not appear to limit the number of renegotiations for a single TLS / SSL connection, this permits a client to open several simultaneous connections and repeatedly renegotiate them, possibly leading to a denial of service condition.



Solution
:
Contact the vendor for specific patch information.*

How can we solve that?

Tags (3)
0 Karma
Reply

jamesphilput
Engager
‎10-29-2012 07:29 AM

Were you able to find a solution to this problem? I'm seeing the same issue with the most recent Universal Forwarder software.

Reply

BastianW
Path Finder
‎07-25-2012 04:46 AM

I have installed splunkforwarder-4.3.3-128297-x64-release.msi and this didn´t fix the issue (I also use "supportSSLV3Only = true" in my config).

In the Splunk Product Security Policy I couldn´t also not found anything which is related to the issue above. The issue you refer to seamed to be a "old" SSL issue which didn´t apply here.

0 Karma
Reply

BastianW
Path Finder
‎12-13-2012 11:27 PM

Just updated to Splunk Forwarder 5.0.1 and I still have the same issue.

0 Karma
Reply

MarioM
Motivator
‎07-25-2012 10:51 AM

Then i would advise you to open a support case

0 Karma
Reply

MarioM
Motivator
‎07-24-2012 10:52 PM

Here Splunk Product Security Policy you will find the procedure.

And it seems to be fixed in 4.2.3 and above SPL40645

0 Karma
Reply
Get Updates on the Splunk Community!

Strengthen Your Future: A Look Back at Splunk 10 Innovations and .conf25 Highlights!

The Big One: Splunk 10 is Here!  The moment many of you have been waiting for has arrived! We are thrilled to ...

Now Offering the AI Assistant Usage Dashboard in Cloud Monitoring Console

Today, we’re excited to announce the release of a brand new AI assistant usage dashboard in Cloud Monitoring ...

Stay Connected: Your Guide to October Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...