Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

OpenSSL How to Disable Ciphers

Posted on 2012-04-11
11
Medium Priority
?
5,391 Views
Last Modified: 2012-04-12
Hi,
I need to disable certain ciphers on my Linux servers following a Nessus vulnerability assessment scan. The Nessus report lists specific weak and medium ciphers that it doesn't like. For instance, here are the medium ciphers I need to disable:
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES(56) Mac=SHA1 export
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1 export
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1

I haven't been able to find much in the way of documentation as to how to do this. Some of what I have found doesn't seem to work. I came across this command that is supposed to enable only TLSv1/SSLv3 ciphers of 128 bits or higher, and disables all others, and then sorts them by strength so that the strongest ciphers would be tried first:
'openssl ciphers -v 'TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH'' - when I run this command this is what I get back:
$ openssl ciphers -v 'TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH'
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1

However, if I then check to see what ciphers are enabled, it displays all the ciphers including the ones that I thought were disabled by the command above:
$ openssl ciphers -v 'ALL:eNULL'
ADH-AES256-SHA          SSLv3 Kx=DH       Au=None Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
ADH-AES128-SHA          SSLv3 Kx=DH       Au=None Enc=AES(128)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
ADH-DES-CBC3-SHA        SSLv3 Kx=DH       Au=None Enc=3DES(168) Mac=SHA1
ADH-DES-CBC-SHA         SSLv3 Kx=DH       Au=None Enc=DES(56)   Mac=SHA1
EXP-ADH-DES-CBC-SHA     SSLv3 Kx=DH(512)  Au=None Enc=DES(40)   Mac=SHA1 export
ADH-RC4-MD5             SSLv3 Kx=DH       Au=None Enc=RC4(128)  Mac=MD5
EXP-ADH-RC4-MD5         SSLv3 Kx=DH(512)  Au=None Enc=RC4(40)   Mac=MD5  export
EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
EDH-RSA-DES-CBC-SHA     SSLv3 Kx=DH       Au=RSA  Enc=DES(56)   Mac=SHA1
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=RSA  Enc=DES(40)   Mac=SHA1 export
EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC-SHA     SSLv3 Kx=DH       Au=DSS  Enc=DES(56)   Mac=SHA1
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=DSS  Enc=DES(40)   Mac=SHA1 export
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
DES-CBC-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
EXP-DES-CBC-SHA         SSLv3 Kx=RSA(512) Au=RSA  Enc=DES(40)   Mac=SHA1 export
EXP-RC2-CBC-MD5         SSLv3 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5
DES-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=MD5
EXP-RC2-CBC-MD5         SSLv2 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
RC2-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=RC2(128)  Mac=MD5
EXP-RC4-MD5             SSLv2 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
RC4-MD5                 SSLv2 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
NULL-SHA                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
NULL-MD5                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=MD5

What is the correct command syntax to disable specific individual ciphers, and/or what would be the command syntax to disable all the weak and medium strength ciphers?

Thank you,
Jeff
0
Comment
Question by:jpetter
  • 6
  • 5
11 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37836254
assuming that it is a apache server define the ciphers you want in the SSLCipherSuite directive in your httpd.conf (or its includes)
1
 

Author Comment

by:jpetter
ID: 37836759
Thanks for the suggestion. The OpenSSL is being used with a web server, but I need to know how to disable them in OpenSSL so they don't appear on the next vulnerability scan.

Thanks
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37836834
> ... but I need to know how to disable them in OpenSSL ..
openssl is the tool to access your web server as client (just like a browser does),
what openssl reports is the configuration provided by the service listening on the port it connects (most likely 443)
and the service listening there is most likely your web server (I guess apache) and not openssl itself
that's why I suggested to properly configure your apache

if you feel that this suggestion is not accurate for whatever reason, please contact your "scanner" and ask what exactly they tested, please post the command for it and also explain which service/process is responsible for that on your site
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 

Author Comment

by:jpetter
ID: 37836900
Thanks again for the information. It sounds like I don't know how all the piece parts fit together. If I understand you correctly, the installation of OpenSSL does not install ciphers along with it per se, and the ciphers would be installed by/used by the web server, and openssl is simply a tool to interface with these. Is that correct?
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 2000 total points
ID: 37837061
simple answer: yes
long answer: see below

stolen from openssl's man-page:
---
DESCRIPTION
       OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
       v2/v3) and Transport Layer Security (TLS v1) network protocols and related
       cryptography standards required by them.

       The openssl program is a command line tool for using the various cryptography
       functions of OpenSSL's crypto library from the shell.  It can be used for

        o  Creation of RSA, DH and DSA key parameters
        o  Creation of X.509 certificates, CSRs and CRLs
        o  Calculation of Message Digests
        o  Encryption and Decryption with Ciphers
        o  SSL/TLS Client and Server Tests
        o  Handling of S/MIME signed or encrypted mail
---

openssl per se do not have ciphers or certificates but knows the algorithms how to create and verify them
i.g. it's the OS' (Linux) or programs (web server, ssh) resposibility to provide certificates, i.e. apache creates it's own certificate using openssl if started with ssl suport but no certificates are found
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37837066
BTW, just to understand how security is sold/paid for:
do I understand correctly that you bought a security check (probably PCI compliance check) and you simply got a automatically generated report without further explanations?
0
 

Author Comment

by:jpetter
ID: 37837081
Thanks very much for the quick response. I did see that initially on the man page, but it didn't click - I was thinking about it the wrong way.
0
 

Author Closing Comment

by:jpetter
ID: 37837083
Very quick response with very good information.
0
 

Author Comment

by:jpetter
ID: 37837093
Basically yes. A vulnerability scan runs against a group of servers, and a report gets sent out that includes the vulnerabilities that need to be cleared. Some of them have recommended fixes. For the SSL Weak Cipher vulnerability, we are provided with the ciphers we are to disable. So we do get a little bit of an explanation. The rest is done with Google, and when that fails, on to EE.

Thanks!
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37837128
may I ask:
is this a automatic scheduled scan?
you do not get reports reviewed by human auditors?
if so, what're the costs?

and keep in mind: security is a process, not a product
0
 

Author Comment

by:jpetter
ID: 37837160
Some are automated, such as PCI, and some are for security reviews, which are not. If we have issues we can go to the security team for some support, and they do review them when we submit our remediation documentation.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you need a certificate so you can offer SSL encryption.  But which one should you get?  There are so many choices out there! Here is a generic overview of the main types of SSL certificates sold by the majority of commercial Certification Auth…
The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question