[WEB SECURITY] SSL Server Options - Ciphers

hector gmail.sant9442 at winserver.com
Sun Jul 5 06:24:16 EDT 2009


Thanks everyone.

I should of read/printed the customer's PCI scan report attachment 
from McAfee which included a suggested cipher:

      ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

but I wouldn't had understood why without reading up on ciphers and 
their strengths, weaknesses and bit lengths.

What was throwing me off was my erroneous thinking a) TLSv1 was the 
weakest and b) that I had to enforce SSLv3 at the protocol level 
(SRV_SSL_V3)

In fact, from what I see, it is best to set the server to use 
SRV_SSL_V23 and eliminate SSLv2 using the cipher.  If SRV_SSL_V3 is 
used in the code, then both IE and Firefox go into an infinite busy 
state (never times out).  With SRV_SSL_V23 set, a fast browser 
(negative) response is returned. FF shows a popup indicating 
encryption mismatch, and IE shows a page not found.

Thanks again everyone.

--

Ivan Ristic wrote:

> Hector,
> 
> You should first try going back to the auditor to get them to tell you
> exactly why your customer failed. Or, even better, they should tell
> you what their success criteria is. Then you wouldn't need to guess,
> just implement what is needed.
> 
> Having said that, your cipher suite configuration allows for weak 40-
> and 56-bit ciphers, which may be the reason the auditor failed your
> customer. You can see the list of cipher suites allowed in any given
> configuration using the following command line:
> 
> openssl ciphers -v 'CIPHER_STRINGS'
> 
> 
> On Sun, Jul 5, 2009 at 5:39 AM, Hector<sant9442 at gmail.com> wrote:
>> Folks,
>>
>> For our web server, with a reported customer PCI compliance  requirement
>> need along with increasing support questions regarding SSLv3 support only,
>> the issues has made us relook at the web server SSL options.
>> My questions is to do with better understood the various SSL (openssl)
>> options to best present them to provide customers the new "best" security
>> setting out of the box.
>>
>> Currently,  we provide two GUI options:
>>
>>  Cipher:  ALL:!ADH:RC4+RSA:+SSLv3:@STRENGTH  (default)
>>  Verify Level:  None  (default)
>>                       Peer
>>                       Fail if No Peer Certificate
>>
>> Although not in the GUI, the operator can manually set the SSL Protocol
>> (version) option in the config file:
>>
>>   SSLProtocol = 0 to 3
>>
>> where the values are:
>>
>> # define SRV_SSL_V23    0  (default)
>> # define SRV_SSL_V2     1
>> # define SRV_SSL_V3     2
>> # define SRV_SSL_TLS1   3
>>
>> So in this case, for the customer who needs PCI compliant, we suggested to
>> use:
>>
>>   SSLProtocol=2
>>   Cipher:  ALL:!ADH:RC4+RSA:+SSLv3:!SSLv2:!aNULL:!eNULL:!NULL:@STRENGTH
>>
>> Now, in my internal testing with openssl s_client -ssl2 -connect host:443
>>  and with IE and Firefox by forcing them to [X] Use SSLv2 only,   the
>> testing seem to work.  No successful SSL negotiation and connection was
>> made.
>>
>> However, in the last report received on Friday from the customer, he
>> indicated the PCI auditor rescan failed with the new server settings.
>>
>> So I have been trying to make sense of the ciphers and researching how
>> others have addressed this.
>>
>> I guess the issue is the cipher is not correct.  It needs to reduce the
>> ciphers?  Correct?  I am going to have him try other statements.  Does
>> anyone have a suggestion for this cipher openssl statement for PCI
>> compliance?
>>
>> The next question is about making it easier for customers by having them
>> select the SSL Protocol level which will by default be associated to a
>> predefine set of ciphers  while still allow them to alter it from a default
>> cipher set if required.
>>
>> Does that make sense from a security standpoint?   Should I even allow SSLv2
>> and/or TLSv1?
>>
>> Thanks
>>
>>
>> ----------------------------------------------------------------------------
>> Join us on IRC: irc.freenode.net #webappsec
>>
>> Have a question? Search The Web Security Mailing List Archives:
>> http://www.webappsec.org/lists/websecurity/archive/
>>
>> Subscribe via RSS: http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>>
>> Join WASC on LinkedIn
>> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>>
>>
> 



----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list