Solved

OpenSSL How to Disable Ciphers

Posted on 2012-04-11
11
3,722 Views
Last Modified: 2012-04-12
Hi,
I need to disable certain ciphers on my Linux servers following a Nessus vulnerability assessment scan. The Nessus report lists specific weak and medium ciphers that it doesn't like. For instance, here are the medium ciphers I need to disable:
Medium Strength Ciphers (>= 56-bit and < 112-bit key)
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
EXP1024-DES-CBC-SHA Kx=RSA(1024) Au=RSA Enc=DES(56) Mac=SHA1 export
EXP1024-RC4-SHA Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1 export
DES-CBC-SHA Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1

I haven't been able to find much in the way of documentation as to how to do this. Some of what I have found doesn't seem to work. I came across this command that is supposed to enable only TLSv1/SSLv3 ciphers of 128 bits or higher, and disables all others, and then sorts them by strength so that the strongest ciphers would be tried first:
'openssl ciphers -v 'TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH'' - when I run this command this is what I get back:
$ openssl ciphers -v 'TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH'
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1

However, if I then check to see what ciphers are enabled, it displays all the ciphers including the ones that I thought were disabled by the command above:
$ openssl ciphers -v 'ALL:eNULL'
ADH-AES256-SHA          SSLv3 Kx=DH       Au=None Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
ADH-AES128-SHA          SSLv3 Kx=DH       Au=None Enc=AES(128)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
ADH-DES-CBC3-SHA        SSLv3 Kx=DH       Au=None Enc=3DES(168) Mac=SHA1
ADH-DES-CBC-SHA         SSLv3 Kx=DH       Au=None Enc=DES(56)   Mac=SHA1
EXP-ADH-DES-CBC-SHA     SSLv3 Kx=DH(512)  Au=None Enc=DES(40)   Mac=SHA1 export
ADH-RC4-MD5             SSLv3 Kx=DH       Au=None Enc=RC4(128)  Mac=MD5
EXP-ADH-RC4-MD5         SSLv3 Kx=DH(512)  Au=None Enc=RC4(40)   Mac=MD5  export
EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
EDH-RSA-DES-CBC-SHA     SSLv3 Kx=DH       Au=RSA  Enc=DES(56)   Mac=SHA1
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=RSA  Enc=DES(40)   Mac=SHA1 export
EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC-SHA     SSLv3 Kx=DH       Au=DSS  Enc=DES(56)   Mac=SHA1
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=DSS  Enc=DES(40)   Mac=SHA1 export
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
DES-CBC-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
EXP-DES-CBC-SHA         SSLv3 Kx=RSA(512) Au=RSA  Enc=DES(40)   Mac=SHA1 export
EXP-RC2-CBC-MD5         SSLv3 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5
DES-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=MD5
EXP-RC2-CBC-MD5         SSLv2 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
RC2-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=RC2(128)  Mac=MD5
EXP-RC4-MD5             SSLv2 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
RC4-MD5                 SSLv2 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
NULL-SHA                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
NULL-MD5                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=MD5

What is the correct command syntax to disable specific individual ciphers, and/or what would be the command syntax to disable all the weak and medium strength ciphers?

Thank you,
Jeff
0
Comment
Question by:jpetter
  • 6
  • 5
11 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37836254
assuming that it is a apache server define the ciphers you want in the SSLCipherSuite directive in your httpd.conf (or its includes)
1
 

Author Comment

by:jpetter
ID: 37836759
Thanks for the suggestion. The OpenSSL is being used with a web server, but I need to know how to disable them in OpenSSL so they don't appear on the next vulnerability scan.

Thanks
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37836834
> ... but I need to know how to disable them in OpenSSL ..
openssl is the tool to access your web server as client (just like a browser does),
what openssl reports is the configuration provided by the service listening on the port it connects (most likely 443)
and the service listening there is most likely your web server (I guess apache) and not openssl itself
that's why I suggested to properly configure your apache

if you feel that this suggestion is not accurate for whatever reason, please contact your "scanner" and ask what exactly they tested, please post the command for it and also explain which service/process is responsible for that on your site
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:jpetter
ID: 37836900
Thanks again for the information. It sounds like I don't know how all the piece parts fit together. If I understand you correctly, the installation of OpenSSL does not install ciphers along with it per se, and the ciphers would be installed by/used by the web server, and openssl is simply a tool to interface with these. Is that correct?
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 37837061
simple answer: yes
long answer: see below

stolen from openssl's man-page:
---
DESCRIPTION
       OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
       v2/v3) and Transport Layer Security (TLS v1) network protocols and related
       cryptography standards required by them.

       The openssl program is a command line tool for using the various cryptography
       functions of OpenSSL's crypto library from the shell.  It can be used for

        o  Creation of RSA, DH and DSA key parameters
        o  Creation of X.509 certificates, CSRs and CRLs
        o  Calculation of Message Digests
        o  Encryption and Decryption with Ciphers
        o  SSL/TLS Client and Server Tests
        o  Handling of S/MIME signed or encrypted mail
---

openssl per se do not have ciphers or certificates but knows the algorithms how to create and verify them
i.g. it's the OS' (Linux) or programs (web server, ssh) resposibility to provide certificates, i.e. apache creates it's own certificate using openssl if started with ssl suport but no certificates are found
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37837066
BTW, just to understand how security is sold/paid for:
do I understand correctly that you bought a security check (probably PCI compliance check) and you simply got a automatically generated report without further explanations?
0
 

Author Comment

by:jpetter
ID: 37837081
Thanks very much for the quick response. I did see that initially on the man page, but it didn't click - I was thinking about it the wrong way.
0
 

Author Closing Comment

by:jpetter
ID: 37837083
Very quick response with very good information.
0
 

Author Comment

by:jpetter
ID: 37837093
Basically yes. A vulnerability scan runs against a group of servers, and a report gets sent out that includes the vulnerabilities that need to be cleared. Some of them have recommended fixes. For the SSL Weak Cipher vulnerability, we are provided with the ciphers we are to disable. So we do get a little bit of an explanation. The rest is done with Google, and when that fails, on to EE.

Thanks!
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37837128
may I ask:
is this a automatic scheduled scan?
you do not get reports reviewed by human auditors?
if so, what're the costs?

and keep in mind: security is a process, not a product
0
 

Author Comment

by:jpetter
ID: 37837160
Some are automated, such as PCI, and some are for security reviews, which are not. If we have issues we can go to the security team for some support, and they do review them when we submit our remediation documentation.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question