I'm a little bit confused which stream cipher is really used in the RED-tunnels [:S]
According to the datasheet:
"...all transferred data is protected using an AES256-encrypted tunnel."
But when I look into the red.log of a UTM220 I will see:
red_server[****]: SELF: New connection from **.**.**.** with ID ********* (cipher RC4-SHA), rev1
And I've found no option in the webinterface to change this cipher.
I'm not a crpytoexpert, but to my knowledge there exists a few attacks to RC4 that is why ENISA and Microsoft recommend disabling it where possible.
Also for SHA-1 exists attacks and the NIST recomments SHA-256 instead.
Does anybody know here (maybe a astaro-guy[:)]) which encryption is really used in the RED and what the "RC4-SHA" entry in the log means.
Thanks, bye Josef
This thread was automatically locked due to age.
