gmacdonald78
Programmer
Hello all,
We have a site that uses one-x mobile via an SBCE (two wire configuration) and they have recently had a penetration test conducted on their network. The following was found:
The Extensible Messaging and Presence Protocol (XMPP) service in use on one of the assessed hosts supports the plaintext authentication mechanisms.
As a result, any client-side services authenticating to the affected service may do so without encrypting authentication credentials. An attacker located in a suitable network position to intercept traffic could therefore harvest user authentication data, which could be used as part of further attacks against the wider environment (particularly if these credentials are associated with internal domain-based management services).
This finding affects the following host: 83.244.xxx.xxx:5222
To resolve this issue xxxxxxxxxx’ should remove support for plaintext authentication within the affected XMPP service, such that any clients must initiate an encrypted session using the 'STARTTLS' command.
As version information relating to the underlying XMPP software in use could not be obtained, please refer to vendor-specific documentation for further details on how this can be achieved.
Has anyone had experience of this? I can't find any information regarding disabling plaintext authentication. Any help would be greatly appreciated.
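A way to verify the finding, and later the remediation, against your own server, as an added example that is not part of the original post: the script opens the cleartext client stream on 5222, reads the server's first <stream:features>, and reports whether SASL PLAIN is advertised before STARTTLS and whether STARTTLS is marked <required/>, which is what the report asks for. Host, port and the two sample feature documents are constructed assumptions.

```python
# Added check (not from the original thread): fetch an XMPP server's pre-TLS <stream:features>
# and report whether SASL PLAIN is offered before STARTTLS and whether STARTTLS is <required/>.
# Host, port and the two sample feature documents below are constructed assumptions.
import socket
import xml.etree.ElementTree as ET

STREAM_NS = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"

def assess_features(features_xml):
    """Classify a <stream:features> fragment received before TLS negotiation."""
    # Declare the stream prefix so the fragment parses stand-alone.
    root = ET.fromstring(features_xml.replace(
        "<stream:features", f"<stream:features xmlns:stream='{STREAM_NS}'", 1))
    starttls = root.find(f"{{{NS_TLS}}}starttls")
    mechs = [m.text.strip() for m in root.iter(f"{{{NS_SASL}}}mechanism") if m.text]
    return {
        "starttls_offered": starttls is not None,
        "starttls_required": starttls is not None
        and starttls.find(f"{{{NS_TLS}}}required") is not None,
        "mechanisms_pre_tls": mechs,
        # SASL PLAIN advertised before TLS is exactly what the report flagged.
        "plaintext_auth_pre_tls": "PLAIN" in [m.upper() for m in mechs],
    }

def probe(host, port=5222, timeout=5.0):
    """Open the client stream over plain TCP and assess the server's first features,
    e.g. probe("sbce.example.invalid") (hypothetical host)."""
    hdr = (f"<?xml version='1.0'?><stream:stream to='{host}' version='1.0' "
           f"xmlns='jabber:client' xmlns:stream='{STREAM_NS}'>")
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(hdr.encode())
        while b"</stream:features>" not in buf and b"<stream:features/>" not in buf:
            chunk = s.recv(4096)
            if not chunk:
                break
            buf += chunk
        s.sendall(b"</stream:stream>")
    text = buf.decode(errors="replace").replace("<stream:features/>", "<stream:features></stream:features>")
    start, end = text.find("<stream:features"), text.find("</stream:features>")
    if start < 0 or end < 0:
        raise RuntimeError("no complete <stream:features> received on the cleartext stream")
    return assess_features(text[start:end + len("</stream:features>")])

# Constructed samples: a cleartext-capable server (as flagged) and a hardened one.
VULNERABLE = (f"<stream:features><starttls xmlns='{NS_TLS}'/><mechanisms xmlns='{NS_SASL}'>"
              "<mechanism>PLAIN</mechanism><mechanism>DIGEST-MD5</mechanism></mechanisms></stream:features>")
HARDENED = f"<stream:features><starttls xmlns='{NS_TLS}'><required/></starttls></stream:features>"
```

After the vendor-side change, a run of probe() against the SBCE address should show starttls_required True and an empty mechanisms_pre_tls, matching the HARDENED sample.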