Skip to main content

Universe Telnet Service

  • June 29, 2023
  • 2 replies
  • 18 views
D

Hi everyone, Does anyone know how to make the "Universe Telnet Service" that runs on our IBS Application server, to only use 128bit
block Ciphers, and disable the other lower 64bit block ciphers? The service listens on port 992.

The problem is that our Qualys VUN scanning tool is picking up that port 992 is a security risk against
Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32) and goes on to say
"Disable and stop using DES, 3DES, IDEA or RC2 ciphers. 

We believe that the "Universe Telnet Service" uses OpenSSL that offers out these lower level ciphers, but we have no idea how to to best address this so
that the only ciphers used are 128-bit or higher ciphers. We are waiting on our third party support to get back to us as they have opened a ticket today.

Current version of OpenSSL is OpenSSL 1.0.2m-fips  2 Nov 2017, though "Programs and Features" is saying OpenSSL 1.1.1k (64-bit) was installed on March 2021.

Universe is 12.1.1 is installed.

Thanks in advance.



------------------------------
Dean Christodoulides
IT Technician
Baker Hughes Inc
------------------------------

    2 replies

    liam0099
    • liam0099
    • New Participant
    • February 15, 2026

    Sweet32 appears because your service is still offering 3DES or another 64 bit block cipher. It is not about OpenSSL being installed, it is about what the Telnet service is actually configured to allow.

    Check which OpenSSL version the service uses, happy birthday sms in marathi then restrict the cipher list to HIGH and explicitly disable DES and 3DES. After updating the config, rescan port 992 to confirm 64 bit ciphers are no longer offered.

    liam0099
    • liam0099
    • New Participant
    • February 15, 2026

    Sweet32 appears because your service is still offering 3DES or another 64 bit block cipher, so the issue is configuration rather than installation. I recently adapted a traditional blessing for a family birthday and it felt sincere, much like the clarity in happy birthday sms in marathi. A practical step is to verify the actual OpenSSL library in use, restrict the cipher list to HIGH while disabling DES and 3DES, and then rescan port 992 to confirm the weaker ciphers are no longer advertised.

    Recent badge winners

    Explore all badges
    Terms & ConditionsAccessibility statement