Jun 5, 2012

How To Force SSL 3.0 or TLS 1.0

My day job handles a lot of sensitive data. Because of that we are required by a lot of our partners to perform frequent penetration testing on our public facing servers to determine if they are vulnerable to attack. I think it's great! I mean, I think all companies should scan their public facing stuff to identifiy potential problems and fix them before bad things happen. It would have saved Sony a world of bad publicity if they had done it don't you think?

Well luckily we are required to, so I get to oversee this. Without giving too much away, our last scan went pretty well but the big thing we were hit on was the fact that our secure web servers offered the ability to connect using SSL v2. There are several problems with SSL v2 according to Wikipedia:

  • Identical cryptographic keys are used for message authentication and encryption.
  • SSL 2.0 has a weak MAC construction that uses the MD5 hash function with a secret prefix, making it vulnerable to length extension attacks.
  • SSL 2.0 does not have any protection for the handshake, meaning a man-in-the-middle downgrade attack can go undetected.
  • SSL 2.0 uses the TCP connection close to indicate the end of data. This means that truncation attacks are possible: the attacker simply forges a TCP FIN, leaving the recipient unaware of an illegitimate end of data message (SSL 3.0 fixes this problem by having an explicit closure alert).
  • SSL 2.0 assumes a single service and a fixed domain certificate, which clashes with the standard feature of virtual hosting in Web servers. This means that most websites are practically impaired from using SSL.

If SSL v2 sucks so bad, then isn't it disabled by default at the server level? In a word, Nope! It is disabled at the client level in modern browsers, but if you stand up a fresh IIS server or Apache server and put an SSL certificate on it then call it a day, guess what, that puppy will accept connections from SSL v2 clients, and that is a PCI compliancy no no!

pci compliantTo disable it in Windows, it's fairly easy. Just do the following on your web server:

  • Type Win+R > Type in regedit and press Enter
  • Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\
  • In Windows 2003, you will see sub-keys for SSL 2.0 and PCT 1.0 both with Server sub-keys
  • In Windows 2008 and 2008 R2 you will only see a sub-key for SSL 2.0, you will need to create one for PCT 1.0 and create sub-keys under each for Server
  • Now that our keys are similar, in the Server sub-key under both PCT 1.0 and SSL 2.0 right click the white area and create a new DWORD called Enabled
  • Leave the value set at 0 and reboot
  • Your server is now PCI compliant

For Apache under Ubuntu:

  • Browse to /etc/apache2
  • Edit apache2.conf with your favorite text editor (I like nano)
  • Scroll to the very bottom and add the following two lines:
  • SSLProtocol all -SSLv2
    SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL
  • Restart apache by running sudo /etc/init.d/apache2 restart
  • Your server is now PCI compliant

Well, I should say that the encryption standard is now PCI compliant. The rest of the results will depend on your code. is your company required to be PCI compliant, or perform regular pen testing? What company or service do you use for that? let us know in the comments.

    Enhanced by Zemanta

    Twitter Delicious Facebook Digg Stumbleupon Favorites More

    Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam