IBM Security QRadar SOAR

 View Only
  • 1.  STOMP connection App Host --> Resilient

    Posted Wed September 08, 2021 08:25 AM
    Hello,

    I am curious if the STOMP implementation used for the connection App Host --> Resilient (Port 65001)  is encrypted (currently cannot test this myself and also I couldn't find the documentation which clearly describes the state of the STOMP connection).

    Thanks.

    ------------------------------
    petre b
    ------------------------------


  • 2.  RE: STOMP connection App Host --> Resilient

    Posted Thu September 09, 2021 02:58 AM
    It should be. I have read in the past TLS is not configurable for STOMP. It is enabled and required always, so there is no configuration for it. They can verify it by using openssl s_client -connect <their resilient url>:65001.

    ------------------------------
    BENOIT ROSTAGNI
    ------------------------------



  • 3.  RE: STOMP connection App Host --> Resilient

    Posted Thu September 09, 2021 10:18 AM

    I know the last time I looked at the code for the STOMP protocol handler it was STOMP with TLS baked on top of it. So I would say yes.

    Checked just now: yes
    https://github.com/ibmresilient/resilient-python-api/blob/c510d7033495464b506ca4b9256fd0fb921ef82e/resilient-circuits/resilient_circuits/stomp_component.py#L34



    ------------------------------
    Tyler Bennett
    ------------------------------