Opened 5 years ago

Last modified 4 months ago

#1427 open task

disable RC4

Reported by: killyourtv Owned by:
Priority: major Milestone: eventually
Component: www/i2p Version:
Keywords: security Cc:
Parent Tickets: Sensitive: no

Description

RC4 is considered to be broken and its use is generally discouraged.

Unless there are good reasons to continue supporting RC4 it should probably be disabled on all public facing services.

Subtickets

Change History (9)

comment:2 Changed 5 years ago by zzz

Which sites are affected?

comment:3 Changed 5 years ago by killyourtv

I'm rescanning now and will provide more info soon. https://geti2p.net is one of them along with a few of the reseed servers.

comment:4 Changed 5 years ago by killyourtv

RC4 enabled Reseed

  • 193.150.121.66
  • cowpuncher.drollette.com
  • i2p-netdb.innovatio.no (also vuln to POODLE)
  • jp.reseed.i2p2.no (down, see #1422)
  • reseed.info
  • ssl.webpack.de
  • uk.reseed.i2p2.no
  • us.reseed.i2p2.no

RC4 enabled project sites

  • geti2p.net
  • i2p-projekt.de
  • syndie.de
  • syndie-project.net
Version 0, edited 5 years ago by killyourtv (next)

comment:5 Changed 5 years ago by killyourtv

http://www.isg.rhul.ac.uk/tls/RC4mustdie.html

Our attacks enhance the statistical techniques used in the previous attacks and exploit specific features of the password setting to produce attacks that are much closer to being practical. We report on extensive simulations that illustrate this. We obtain good success rates with 226 encryptions of the password. By contrast, the previous generation of attacks required around 234 encryptions to recover an HTTP session cookie.

comment:6 Changed 4 years ago by str4d

Keywords: security added
Status: newopen

comment:7 Changed 4 years ago by str4d

Milestone: eventually

comment:8 Changed 4 years ago by zzz

Status: openinfoneeded

@OP please rescan and either close or send info to the appropriate people for immediate action… backup for reseed, ech for projekt, and welt? for syndie

this ticket isn't enough to make things happen, need to poke the people responsible

comment:9 in reply to:  4 Changed 4 months ago by anonymous maybe

Status: infoneededopen

Replying to killyourtv:

RC4-enabled reseed

  • 193.150.121.66
  • cowpuncher.drollette.com
  • i2p-netdb.innovatio.no (also vuln to POODLE)
  • jp.reseed.i2p2.no (down, see #1422)
  • reseed.info
  • ssl.webpack.de
  • uk.reseed.i2p2.no
  • us.reseed.i2p2.no

RC4-enabled project sites

  • geti2p.net
  • i2p-projekt.de
  • syndie.de
  • syndie-project.net

I dunno if this list still valid , if so its a horrible with insecurity:

Last edited 4 months ago by anonymous maybe (previous) (diff)
Note: See TracTickets for help on using tickets.