Author Topic: Akamaistream net still with insecure protocols and configuration...  (Read 1296 times)

Offline polonus

We do not see it or notice it because it transports content non-publicly, but we are not completely left in the dark.
Why do they think they can get away with it? Insecure ciphers, no CSP, no HSTS.
We have an insecure infrastructure, but we do want to see improvements  :(

Although the certificate was installed correctly, we meet these insecurities: -akamai.com
Warnings
RC4
Your server's encryption settings are vulnerable. This server uses the RC4 cipher algorithm which is not secure. More information.
RSA remove cross certificates
The certificate chain contains a cross root (primary intermediate) certificate that should be removed. Use Symantec CryptoReport to remove cross root certificates.
Info Verisign and Symantec Intermediate certs.

F-Grade and recommendations:
https://observatory.mozilla.org/analyze.html?host=akamai.com

More issues: http://www.dnsinspect.com/akamaitechnologies.com/10114995

7 red out of 10 risk grade: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fa72-247-94-238.deploy.akamaitechnologies.com%2F

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
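
The three findings named in the post above (RC4 cipher suites, no HSTS, no CSP) can be checked mechanically from a scanner's output. This is an added example, not part of polonus's post or of any tool linked there; the sample cipher list, headers, finding labels and the 180-day HSTS threshold are constructed assumptions.

```python
import re

# Constructed sample scanner output (not real data from any host).
WEAK_CIPHERS = ["ECDHE-RSA-AES128-GCM-SHA256", "RC4-SHA", "ECDHE-RSA-RC4-SHA"]
WEAK_HEADERS = {"Server": "ExampleServer", "Content-Type": "text/html"}
GOOD_HEADERS = {
    "strict-transport-security": "max-age=31536000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'",
}
MIN_HSTS_AGE = 15552000  # 180 days; this threshold is an assumption of the example


def parse_hsts_max_age(value):
    """Return max-age in seconds, or None if the directive is absent or malformed."""
    for directive in value.split(";"):
        m = re.fullmatch(r'max-age\s*=\s*"?(\d+)"?', directive.strip(), re.IGNORECASE)
        if m:
            return int(m.group(1))
    return None


def audit(ciphers, headers):
    """Return sorted findings for RC4 suites and missing or weak HSTS/CSP."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    # Match RC4 as a whole token in OpenSSL (RC4-SHA) and IANA (TLS_..._RC4_128_SHA) names.
    findings = [f"rc4-cipher:{c}" for c in ciphers if "RC4" in re.split(r"[-_]", c.upper())]

    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append("hsts-missing")
    else:
        age = parse_hsts_max_age(hsts)
        if age is None:
            findings.append("hsts-malformed")
        elif age == 0:
            findings.append("hsts-disabled")  # max-age=0 tells browsers to drop the policy
        elif age < MIN_HSTS_AGE:
            findings.append("hsts-short-max-age")

    if "content-security-policy" not in h:
        # A Report-Only policy is logged by the browser but never enforced.
        report_only = "content-security-policy-report-only" in h
        findings.append("csp-report-only" if report_only else "csp-missing")
    return sorted(findings)


if __name__ == "__main__":
    print(audit(WEAK_CIPHERS, WEAK_HEADERS))
```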