#22653 LMB Penetration test report

Resolved Created Jan 18, 2023, 7:58 PM Resolved Sep 27, 2023, 10:57 PM
System (internal) Jan 18, 2023, 7:58 PM
Created from Lead: https://artichoke.shield.syncromsp.com/leads/17076307/convert
Check-in (internal) Jan 18, 2023, 7:58 PM
Hi Peet,

I figured you would want to look this over anyway. This copy has a note from Tony about the vulnerabilities they noted. From my understanding those aren't really a thing since we're not open to any outside connection that's not through our VPN. Is this correct? Our concern is that if one of our clients asks for a copy of the report and it mentions vulnerabilities that actually aren't a thing, is there a better way it could be worded in the document?

Tony has contacted LMG to set a meeting to discuss, so if we had your input before that, it would be great.

Thanks!
~jb

--

John Belobraidic
PARTNERS CREATIVE
603 Woody Street
Missoula, Montana 59802
406 541 2263
[partnerscreative.com](http://partnerscreative.com/)
customer-reply (internal) Jan 23, 2023, 11:50 PM
Hey Peet,

If you could take a quick look at this in the next day or so and give me some quick feedback on my questions, we'd really appreciate it. We're scheduled to meet with the LMG folks on Friday.

Thanks,
~jb

Artichoke Support - Peet (internal) Jan 24, 2023, 3:38 PM
Here you go. TLS1/1.2 disabled and CBC. It breaks remote management to the Kerio Control Box. But that'll be okay.

Cheers.
Peet
customer-reply (internal) Jan 27, 2023, 5:56 PM
Hi Peet,

Pardon my illiteracy but is CBC the certificate?

Thanks

Artichoke Support - Peet (internal) Jan 27, 2023, 6:05 PM
Oh, the self-signed certificate is not an issue. We manage and distribute the root CA for the cert so in some ways it's more secure than a publicly signed cert. Regardless, it's a non-issue from a security standpoint.

As an aside, the other deficiencies did need to be addressed, but do not represent a significant risk. All of your VPN clients connect with TLS 1.2 or higher and with one of the secure ciphers.

Cheers.
Peet
[email protected] (internal) Sep 27, 2023, 10:57 PM
Edits made via Bulk Update Tool - see change log for this timestamp