Obsolete protocol in use

What has been found

An obsolete protocol is currently in use. These protocols have known security deficiencies and are not suitable for use over the internet. Examples include legacy versions of SSL/TLS (SSLv2/SSLv3), SMBv1, Telnet, or older FTP implementations.

Why this is a potential risk

Obsolete protocols often lack encryption, use weak authentication, or contain exploitable vulnerabilities. When exposed to the internet, they become high-value targets for attackers seeking to deploy ransomware, exfiltrate data, or gain unauthorised access. Exploitation can be automated, making even minimally skilled attackers capable of compromising systems. Best practice is to restrict these protocols to trusted internal networks or replace them with modern, secure alternatives.

Potential solutions/Improvements

  • Replace obsolete protocols: Migrate to supported, encrypted, and actively maintained protocols (e.g., TLS 1.2/1.3 instead of SSL, SMBv3 instead of SMBv1, SFTP instead of FTP).

  • Restrict access: Limit use to internal networks, or secure access via VPN or zero-trust solutions.

  • Secure configuration: Apply strong authentication, enforce encryption, and disable legacy features.

  • Patch and maintain: Ensure all protocol implementations are updated with vendor security patches.

  • Monitor and log: Enable detailed logging and monitor for abnormal access attempts.

How to verify it is resolved:

  • Conduct an external vulnerability scan to confirm that obsolete protocols are no longer exposed.

  • Audit firewall rules and access controls to ensure only modern, secure protocols are allowed.

  • Test all required access paths to verify strong authentication and encryption are enforced.

  • Review logs for previous or ongoing unauthorised access attempts.
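One way to run the access-path check for TLS services you operate, as an added example that is not part of the original page: it pins a client to one protocol version at a time and treats the finding as resolved only when TLS 1.0/1.1 are refused and TLS 1.2 or 1.3 still works. The function names and report keys are this example's own; SSLv2/SSLv3 and the non-TLS protocols named above (SMBv1, Telnet, FTP) are outside what it can test.

```python
import socket
import ssl
import sys
import warnings

# Python's ssl module cannot offer SSLv2/SSLv3; those need a dedicated scanner.
VERSIONS = ["TLSv1", "TLSv1_1", "TLSv1_2", "TLSv1_3"]
OBSOLETE = {"TLSv1", "TLSv1_1"}


def probe_version(host, port, name, timeout=5.0):
    """True/False: handshake pinned to `name` accepted/refused. None: client cannot offer it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # measuring protocol support, not certificate trust
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with warnings.catch_warnings():
            warnings.simplefilter("ignore", DeprecationWarning)
            version = getattr(ssl.TLSVersion, name)
            ctx.minimum_version = version
            ctx.maximum_version = version
        if name in OBSOLETE:
            # The default OpenSSL security level blocks TLS 1.0/1.1 on the client side.
            ctx.set_ciphers("DEFAULT:@SECLEVEL=0")
    except (ValueError, ssl.SSLError):
        return None  # a local limitation must not be read as "server refused"
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host):
                return True
    except (ssl.SSLError, OSError):
        return False


def audit(host, port, probe=probe_version):
    """Probe every version and decide whether the finding is resolved."""
    results = {name: probe(host, port, name) for name in VERSIONS}
    accepted = sorted(n for n in OBSOLETE if results[n])
    untested = sorted(n for n in OBSOLETE if results[n] is None)
    modern = bool(results["TLSv1_2"] or results["TLSv1_3"])
    # Resolved only if each obsolete version was really tested and refused,
    # and a modern version still connects (rules out "host unreachable").
    return {"results": results, "obsolete_accepted": accepted,
            "untested": untested,
            "resolved": not accepted and not untested and modern}


if __name__ == "__main__":
    report = audit(sys.argv[1], int(sys.argv[2]))
    print(report)
    sys.exit(0 if report["resolved"] else 1)
```

Run it from outside the network perimeter so the result reflects what is exposed to the internet, and treat any entry under `untested` as a reason to repeat the check with a scanner that can offer that version.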

External references