applied-crypto-hardening.log applied-crypto-hardening.pdf \
applied-crypto-hardening.toc applied-crypto-hardening.markdown \
applied-crypto-hardening.out
-- find . -name "*_generated.tex" -exec rm \{\} \;
rm -rf applied-crypto-hardening/
rm -rf gitHeadInfo.gin
+ rm applied-crypto-hardening.txt
\newpage
- \section{Acknowledgements}
+ \section*{Acknowledgements}
\label{section:Reviewers}
-
- %\todo{refs to this section do not work, see methods and disclaimer}
- % fixed! it was "section*{" versus "section{"
-
We would like to express our thanks to the following reviewers and people who have generously offered their time and interest (in alphabetical order):
-
- \vline{}
-
- \begin{minipage}[b]{0.5\linewidth}
- \center
+ \begin{multicols}{2}{\parskip=0pt\centering\obeylines%
Brown, Scott \\
-G\"uhring Philipp \\
+ Brulebois, Cyril \\
+ Dirksen-Thedens, Mathis \\
+ Dulaunoy, Alexandre \\
+Gühring Philipp \\
Grigg, Ian \\
Horenbeck, Maarten \\
+ Huebl, Axel \\
Kovacic, Daniel \\
Lenzhofer, Stefan \\
Lor\"unser, Thomas \\
- Mendel, Florian \\
Millauer, Tobias \\
- \end{minipage}
- \begin{minipage}[b]{0.5\linewidth}
- \center
+ O'Brien, Hugh \\
Pacher, Christoph \\
Palfrader, Peter \\
- Pichler, Patrick \\
+ Pape, Tobias (layout) \\
Petukhova, Anna (Logo) \\
- Pöschl, Ulrich \\
- San, Berg \\
- Schreck, Thomas \\
+ Pichler, Patrick \\
+ Roeckx, Kurt \\
Seidl, Eva (PDF layout) \\
-Wagner, Sebastian (``sebix'') \\
+Wagner, Sebastian («sebix») \\
Zangerl, Alexander \\
- \end{minipage}
+ }\end{multicols}
+
+
+ %% *@discuss@lists.cert.at --> AKA
+ %% devops mailing lists --> Pepi, Azet
+ %% cryptography liste (at release time) --> Azet
+
- \vline{}
The reviewers did review parts of the document in their area of
expertise; all remaining errors in this document are the sole
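Review bot: `\label{section:Reviewers}` now follows a starred `\section*{Acknowledgements}`, so it no longer picks up a number for this heading; the comment this merge deletes records that exactly this (`section*{` versus `section{`) was why references to the section did not work. Either keep `\section{Acknowledgements}`, or keep it unnumbered and have the referring text use `\nameref{section:Reviewers}` or `\pageref{section:Reviewers}` instead of `\ref`. Inside the `multicols` group `\obeylines` already ends each line, so the trailing `\\` after every name is redundant and will likely produce underfull-box warnings.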
--- /dev/null
--- /dev/null
++\seqsplit{EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA}
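Review bot: The new single-source cipher string has no `!SRP` term, while the commented-out string next to "This results in the OpenSSL string:" and the older MySQL and PostgreSQL strings removed on this page all carry `!PSK:!SRP:!DSS`. Because this file now feeds every listing through `\cipherStringB`, the difference changes the recommendation for all services at once. If dropping `!SRP` is deliberate, record the reason in a `%` comment next to the `\CatchFileDef` line and update the commented-out reference string to match; otherwise restore it as `...:!PSK:!SRP:!DSS:...`.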
--- /dev/null
-\CatchFileDef{\CIPHERSTRINGB}{cipherStringB.txt}{\endlinechar=-1 }%
+ %%%
+ %%% commands.tex
+ %%% Document-specific commands
+ %%%
+
+ % Outputs red TODOs in the document. Requires \usepackage{color}.
+ %
+ % Usage: \todo{Document the TODO command.}
+ %
+ % Comment out second line to disable.
+ \AtBeginDocument{\providecommand{\todo}[1]{}}
+ \newcommand*{\todo}[1]{{\color{Red} TODO: {#1}}}
+
+ % Creating a horizontal rule
+ \newcommand*{\HorRule}{%
+ \color{darkblue}%
+ \rule{\linewidth}{1pt}%
+ }
+
++%%% CIPHERSTRING
++\usepackage{seqsplit} % Use Sequence split. Basically it inserts between every character pair a box with zero width to allow linebreaks everywhere. Better solution wanted, but is there any better?
++\CatchFileDef{\cipherStringB}{common/cipherStringB.tex}{\endlinechar=-1 }%
++
+ %%% Local Variables:
+ %%% mode: latex
+ %%% TeX-master: "../applied-crypto-hardening"
+ %%% End:
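Review bot: `\HorRule` switches to `darkblue` with a bare `\color` declaration, so the colour stays in effect for whatever follows the rule in the same group. Scope it, for example `\newcommand*{\HorRule}{\textcolor{darkblue}{\rule{\linewidth}{1pt}}}`. Separately, `\todo` uses the colour `Red`, which style.tex does not define (it defines lowercase `red` and spells out `Brown`, `OliveGreen` and `CadetBlue`). Presumably `Red` comes from a dvipsnames option loaded elsewhere, which the header comment "Requires \usepackage{color}" does not mention.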
--- /dev/null
-% literate={###CIPHERSTRINGB###}{{\CIPHERSTRINGB}}254,
+ %%%
+ %%% style.tex
+ %%% Stylistic configuration
+ %%%
+
+ % Colors
+ \definecolor{green}{RGB}{32,113,10}
+ \definecolor{orange}{RGB}{251,111,16}
+ \definecolor{red}{RGB}{247,56,0}
+ \definecolor{blue}{RGB}{0,28,128}
+ \definecolor{lightgreen}{RGB}{187,218,216}
+ \definecolor{intersectgreen}{RGB}{103,133,155}
+ \definecolor{darkblue}{RGB}{76,87,117}
+ \definecolor{Brown}{cmyk}{0,0.81,1,0.60}
+ \definecolor{OliveGreen}{cmyk}{0.64,0,0.95,0.40}
+ \definecolor{CadetBlue}{cmyk}{0.62,0.57,0.23,0}
+ \definecolor{lightlightgray}{gray}{0.9}
+
+ % Draft stuff
+ \ifdraft{
+ % Ensure that everything is neatly set up for us
+ \AtBeginDocument{
+ \def\draftInfo{%
+ Draft revision\gitVtags: \gitAbbrevHash{} %
+ (\gitCommitterIsoDate) \gitCommitterName}
+ \sbox{\draftWatermark}{%
+ \includegraphics[width=\paperwidth]{img/draft}}
+ \sbox{\draftPageLine}{%
+ \colorbox{black!10}{%
+ % enlarge box vertically by 2/3 lines
+ \raisebox{0pt}%
+ [\dimexpr .33\baselineskip + \height]%
+ [\dimexpr .33\baselineskip + \depth]{%
+ \makebox[\paperwidth]{\color{black!50}\draftInfo}}}}
+ }
+ }{}
+
+
+ %%% Fonts
+ % Fonts are loaded, now is the right time for mictorype.
+ \microtypesetup{stretch=9,shrink=15,step=3,tracking=smallcaps,letterspace=75}
+ % makes default font sans-serif
+ \renewcommand{\familydefault}{\sfdefault}
+
+ % Captions
+ \setcapindent{1em}
+ \addtokomafont{caption}{\small\itshape}
+ \addtokomafont{captionlabel}{\bfseries}
+
+ % Section headers
+ \addtokomafont{disposition}{\color{darkblue}\bfseries}
+
+ % Page foot
+ \setkomafont{pagefoot}{\normalfont\sffamily\footnotesize}
+ \ifoot%
+ [Applied Crypto Hardening\ifdraft{ % Space!
+ \textbullet{} \draftInfo}{}]%
+ {Applied Crypto Hardening \ifdraft{ % Space!
+ \textbullet{} \draftInfo}{}}
+ \cfoot[]{}
+ \ofoot%
+ [page \thepage\ of \pageref{LastPage}]%
+ {page \thepage\ of \pageref{LastPage}}
+ \renewcommand*{\chapterpagestyle}{scrheadings}
+ \pagestyle{scrheadings}
+
+ % Epigraph / dictum
+ \newcommand*{\epigraph}[3][]{\dictum[#3]{#2}\bigskip}
+ \renewcommand*{\dictumrule}{}
+ \renewcommand*{\dictumauthorformat}[1]{--- #1}
+ \addtokomafont{dictumtext}{\itshape}
+ \setkomafont{dictumauthor}{\normalfont}
+ \renewcommand{\dictumwidth}{8cm}
+
+ % Graphics
+ %tell TeX where to look for graphics/logos
+ \graphicspath{ {/img/} }
+
++% This block is for listings
++\usepackage[framemethod=TikZ]{mdframed} % mdframed is used to draw a grey box
++\mdfdefinestyle{listingstyle}{
++ backgroundcolor=black!10,outerlinewidth=0,outerlinecolor=black,
++ innerleftmargin=9pt,innerrightmargin=0,innertopmargin=3pt,innerbottommargin=2pt
++}
++%\usepackage{amssymb}% for \curvearrowright
++% Insert a grey box behind the listing for uniform background color (The \cipherstring would the listing and the background would turn white)
++\BeforeBeginEnvironment{lstlisting}{\vspace{0.2cm}\begin{mdframed}[style=listingstyle]}
++\AfterEndEnvironment{lstlisting}{\end{mdframed}}
+ % Listings
+ \lstset{
- prebreak=\raisebox{0ex}[0ex][0ex]{\ensuremath{\hookleftarrow}},
+ basicstyle=\ttfamily,
+ keywordstyle=\color{OliveGreen},
+ commentstyle=\color{gray},
+ backgroundcolor=\color{lightlightgray},
+ upquote=true,
++ showstringspaces=false,
+ tabsize=2,
+ captionpos=b,
+ breaklines=true,
+ breakatwhitespace=false,
+ inputencoding=utf8,
++ breakatwhitespace=false,
++ showspaces=false,
++ columns=fullflexible, % Column format: no spaces are inserted for monospaced appearance
++ breakindent=10pt,
+ morekeywords={__global__, __device__},%
+ escapechar=\`,
++ escapeinside={\%*}{*)}, % Escape TeX commands inside %* and *)
++% prebreak=\mbox{$\curvearrowright$}, % Disply curved arrow before linebreak
++ prebreak=\small\symbol{'134},
+ }
+
+
+ % Hyperref styles
+ \hypersetup{%
+ breaklinks,%
+ colorlinks,%
+ linkcolor=darkblue,citecolor=blue,urlcolor=blue,%
+ breaklinks=true,%
+ unicode,%
+ pdfnewwindow=true,%
+ final
+ }
+ \urlstyle{same}
+
+ % Bibliography
+ \bibliographystyle{alphalink}
+
+ % Disable single lines at the start of a paragraph (Schusterjungen)
+ \clubpenalty = 10000
+ % Disable single lines at the end of a paragraph (Hurenkinder)
+ \widowpenalty = 10000
+ \displaywidowpenalty = 10000 % formulas
+ \setlength{\textfloatsep}{\baselineskip}
+ \setlength{\floatsep}{\baselineskip}
+
+ \frenchspacing
+ \raggedbottom
+
+ % customized spaces between text and footnotes
+ \setlength{\skip\footins}{2\baselineskip}
+
+ % Better float parameters: (from the TeX FAQ)
+ \renewcommand{\topfraction}{.85}
+ \renewcommand{\bottomfraction}{.7}
+ \renewcommand{\textfraction}{.15}
+ \renewcommand{\floatpagefraction}{.66}
+ \renewcommand{\dbltopfraction}{.66}
+ \renewcommand{\dblfloatpagefraction}{.66}
+ \setcounter{topnumber}{9}
+ \setcounter{bottomnumber}{9}
+ \setcounter{totalnumber}{20}
+ \setcounter{dbltopnumber}{9}
+
+ %%% Local Variables:
+ %%% mode: latex
+ %%% TeX-master: "../applied-crypto-hardening"
+ %%% End:
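Review bot: `\graphicspath{ {/img/} }` names an absolute directory at the filesystem root, whereas the draft watermark in this same file loads `img/draft` relative to the document; the path was presumably meant to be `\graphicspath{{img/}}`. In the `\lstset` block `breakatwhitespace=false` is set twice, and `backgroundcolor=\color{lightlightgray}` is still set although the new `mdframed` wrapper draws its own `black!10` background to get a uniform box, so one of the two backgrounds should go. `\hypersetup` likewise lists both `breaklinks` and `breaklinks=true`.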
- %\newpage
- %\section{Recommendations on practical settings}
-
- \label{section:PracticalSettings}
-
\section{Webservers}
- \input{"./practical_settings/webserver.tex"}
-
- %\newpage
+ \label{sec:webservers}
-\input{practical_settings/webserver_generated}
++\input{practical_settings/webserver}
\section{SSH}
- \input{"./practical_settings/ssh.tex"}
-
- %\newpage
+ \label{sec:ssh}
+ \input{practical_settings/ssh}
\section{Mail Servers}
- \input{"./practical_settings/mailserver.tex"}
-
-
- %\newpage
+ \label{sec:mail-servers}
-\input{practical_settings/mailserver_generated}
++\input{practical_settings/mailserver}
\section{VPNs}
- \input{"./practical_settings/vpn.tex"}
-
-
- %\newpage
+ \label{sec:vpns}
+ \input{practical_settings/vpn}
\section{PGP/GPG - Pretty Good Privacy}
- \input{"./practical_settings/GPG.tex"}
-
-
- %\newpage
+ \label{sec:pgpgpg-pretty-good}
+ \input{practical_settings/GPG}
%\section{seclayer-tcp}
- %\input{"./practical_settings/seclayer_tcp.tex"}
-
-
- %\newpage
+ %\input{practical_settings/seclayer_tcp}
\section{IPMI, ILO and other lights out management solutions}
- \input{"./practical_settings/ipmi.tex"}
-
-
+ \label{sec:ipmi-ilo-other}
+ \input{practical_settings/ipmi}
%%\section{SIP}
%%\todo{AK: ask Klaus. Write this section, Klaus??? }
-
-
- %\newpage
\section{Instant Messaging Systems}
- \input{"./practical_settings/im.tex"}
-
-
- %\newpage
+ \label{sec:inst-mess-syst}
+ \input{practical_settings/im}
\section{Database Systems}
- \input{"./practical_settings/DBs.tex"}
-
-
- %\newpage
+ \label{sec:database-systems}
-\input{practical_settings/DBs_generated}
++\input{practical_settings/DBs}
\section{Intercepting proxy solutions and reverse proxies}
- \input{"./practical_settings/proxy_solutions.tex"}
-
-
+ \label{sec:interc-proxy-solut}
-\input{practical_settings/proxy_solutions_generated}
++\input{practical_settings/proxy_solutions}
%%% Local Variables:
%%% mode: latex
% This list is based on : http://en.wikipedia.org/wiki/Relational_database_management_system#Market_share
%% ----------------------------------------------------------------------
-\subsubsection{Oracle}
-\begin{description}
-\item[Tested with Version:] not tested
+\subsection{Oracle}
+%\subsubsection{Tested with Version}
+\todo{not tested yet}
-\item[References:] (German)
-{\small \url{http://www.telekom.com/static/-/155996/7/technische-sicherheitsanforderungen-si}}
+\subsubsection{References}
+\begin{itemize}
+ \item Technical safety requirements by \emph{Deutsche Telekom AG} (German). Please read section 17.12 or pages 129 and following (Req 396 and Req 397) about SSL and ciphersuites \url{http://www.telekom.com/static/-/155996/7/technische-sicherheitsanforderungen-si}
+\end{itemize}
-Please read the following pages about SSL and ciphersuites:\\
-p. 129 -Req 396 and Req 397 \\
-
-\end{description}
%% ----------------------------------------------------------------------
- \subsection{SQL Server}
- \todo{write this}
-%%\subsubsection{SQL Server}
++%%\subsection{SQL Server}
+ %%\todo{write this}
-
%% ----------------------------------------------------------------------
-\subsubsection{MySQL}
-
-\begin{description}
-\item[Tested with Version:] Debian Wheezy and MySQL 5.5
+\subsection{MySQL}
+\subsubsection{Tested with Version}
+\begin{itemize}
- \item Debian 7.0 and MySQL 5.5
++ \item Debian Wheezy and MySQL 5.5
+\end{itemize}
-\item[Settings:] \mbox{}
-\paragraph*{my.cnf}\mbox{}\\
-
-\begin{lstlisting}[breaklines]
+\subsubsection{Settings}
+\paragraph*{my.cnf}
+\begin{lstlisting}
[mysqld]
ssl
ssl-ca=/etc/mysql/ssl/ca-cert.pem
- ssl-cert=/etc/mysql/ssl/client-cert.pem
- ssl-key=/etc/mysql/ssl/client-key.pem
- ssl-cipher=EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256:EECDH:EDH+aRSA:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128:!ECDSA:AES256-SHA
+ ssl-cert=/etc/mysql/ssl/server-cert.pem
+ ssl-key=/etc/mysql/ssl/server-key.pem
+ ssl-cipher=@@@CIPHERSTRINGB@@@
\end{lstlisting}
-\item[Additional settings:]
-
+%\subsubsection{Additional settings}
-\item[Justification for special settings (if needed):]
+%\subsubsection{Justification for special settings (if needed)}
% in case you have the need for further justifications why you chose this and that setting or if the settings do not fit into the standard Variant A or Variant B schema, please document this here
-\item[References:]
-{\small \url{https://dev.mysql.com/doc/refman/5.5/en/ssl-connections.html}}
-\item[How to test:]
+\subsubsection{References}
+\begin{itemize}
+ \item MySQL Documentation on SSl Connections: \url{https://dev.mysql.com/doc/refman/5.5/en/ssl-connections.html}
+\end{itemize}
+
+\subsubsection{How to test}
After restarting the server run the following query to see if the ssl settings are correct:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
show variables like '%ssl%';
\end{lstlisting}
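Review bot: `ssl-cipher=@@@CIPHERSTRINGB@@@` in the my.cnf listing, and `ssl_ciphers = '@@@CIPHERSTRINGB@@@'` in the PostgreSQL listing further down, still use the old placeholder. The same merge switches `\input{practical_settings/DBs_generated}` to `\input{practical_settings/DBs}` and converts every other service to the escape form. As far as this page shows, nothing substitutes the placeholder any more, so the PDF would print it literally and a reader copying the listing ends up without a usable cipher list. Use `ssl-cipher=%*\cipherStringB*)` and `ssl_ciphers = '%*\cipherStringB*)'`, as in the mail and web server listings.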
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
-
\end{lstlisting}
-\end{description}
%% ----------------------------------------------------------------------
+\subsection{PostgreSQL}
+\subsubsection{Tested with Versions}
+\begin{itemize}
+ \item Debian 7.0 and PostgreSQL 9.1
+ \item Linux Mint 14 nadia / Ubuntu 12.10 quantal with PostgreSQL 9.1+136 and OpenSSL 1.0.1c
+\end{itemize}
-\subsubsection{PostgreSQL}
-
-\begin{description}
-\item[Tested with Version:] Debian Wheezy and PostgreSQL 9.1
-
-\item[References:]
-
-It's recommended to read
-
-{\small \url{http://www.postgresql.org/docs/current/static/runtime-config-connection.html#RUNTIME-CONFIG-CONNECTION-SECURITY}}
-{\small \url{http://www.postgresql.org/docs/current/static/ssl-tcp.html}}
-{\small \url{http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html}}
-\item[Settings:] \mbox{}
+\subsubsection{References}
+\begin{itemize}
+ \item It's recommended to read {\small \url{http://www.postgresql.org/docs/9.1/interactive/runtime-config-connection.html\#RUNTIME-CONFIG-CONNECTION-SECURITY}} (please edit the version with your preferred one).
+ \item PostgreSQL Documentation on \emph{Secure TCP/IP Connections with SSL}: \url{http://www.postgresql.org/docs/9.1/static/ssl-tcp.html}
++ \item PostgreSQL Documentation on \emph{host-based authentication}: \url{http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html}
+\end{itemize}
-To start in SSL mode the server.crt and server.key must exist in the server's data directory \$PGDATA.
+\subsubsection{Settings}
+To start in SSL mode the server.crt and server.key must exist in the server's data directory \$PGDATA.
-Starting with version 9.2, you have the possibility to set the path.
+Starting with version 9.2, you have the possibility to set the path manually.
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
ssl_key_file = '/your/path/server.key'
ssl_cert_file = '/your/path/server.crt'
ssl_ca_file = '/your/path/root.crt'
\end{lstlisting}
-\paragraph*{postgresql.conf}\mbox{}\\
-\begin{lstlisting}[breaklines]
+\paragraph*{postgresql.conf}\mbox{}\\
+\begin{lstlisting}
#>=8.3
ssl = on
- ssl_ciphers = 'EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256:EECDH:EDH+aRSA:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128:!ECDSA:AES256-SHA'
+ ssl_ciphers = '@@@CIPHERSTRINGB@@@'
\end{lstlisting}
\subsubsection{Hashing}
Avoid SHA-1 in GnuPG. Edit \$HOME/.gnupg/gpg.conf:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
- # according to: https://www.debian-administration.org/users/dkg/weblog/48
personal-digest-preferences SHA256
cert-digest-algo SHA256
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
%%\subsection{Instant Messaging Systems}
-\subsubsection{XMPP / Jabber}
+%\subsubsection{XMPP / Jabber}
-\subsubsection{General server configuration recommendations}
+\subsection{General server configuration recommendations}
- For servers, we mostly recommend to apply what's proposed by the {\it Peter's manifesto}\footnote{https://github.com/stpeter/manifesto}.
+ For servers, we mostly recommend to apply what's proposed by the \emph{Peter's manifesto}\footnote{\url{https://github.com/stpeter/manifesto}}.
In short:
\begin{itemize}
It basically uses Diffie-Hellman, AES and SHA1. Communicating over an insecure instant messaging network, OTR can be used for end to end encryption.
-There are no specific configurations required but the protocol itself is worth to be mentioned.
+There are no specific configurations required but the protocol itself is worth being mentioned.
+
-\subsubsection{IRC}
+%%----------------------------------------------------------------------
+\subsection{Charybdis}
- There are numerous implementations of IRC servers. In this section, we choose \emph{Charybdis} which serves as basis for \emph{ircd-seven}\footnote{https://dev.freenode.net/redmine/projects/ircd-seven}, developed and used by freenode. Freenode is actually the biggest IRC network\footnote{http://irc.netsplit.de/networks/top10.php}. \emph{Charybdis} is part of the \emph{Debian} \& \emph{Ubuntu} distributions.
+ There are numerous implementations of IRC servers. In this section, we choose \emph{Charybdis} which serves as basis for \emph{ircd-seven}\footnote{\url{https://dev.freenode.net/redmine/projects/ircd-seven}}, developed and used by freenode. Freenode is actually the biggest IRC network\footnote{\url{http://irc.netsplit.de/networks/top10.php}}. \emph{Charybdis} is part of the \emph{Debian} \& \emph{Ubuntu} distributions.
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
/* Extensions */
# Some modules
#loadmodule "extensions/chm_sslonly_compat.so";
\subsubsection{Settings}
% Example: http://dovecot.org/list/dovecot/2013-October/092999.html
-\begin{lstlisting}[breaklines]
- ssl_cipher_list = '@@@CIPHERSTRINGB@@@'
+\begin{lstlisting}
- ssl_cipher_list = '%*\cipherstringB*)'
++ ssl_cipher_list = '%*\cipherStringB*)'
ssl_prefer_server_ciphers = yes
\end{lstlisting}
Limiting the ciphers provided may force (especially older) clients to connect without encryption at all! Sticking to the defaults is recommended.\\
If you still want to force strong encryption use
-\begin{lstlisting}[breaklines]
- tls_cipher_list: @@@CIPHERSTRINGB@@@
+\begin{lstlisting}
- tls_cipher_list: %*\cipherstringB*)
++ tls_cipher_list: %*\cipherStringB*)
\end{lstlisting}
cyrus-imapd loads hardcoded 1024 bit DH parameters using get\_rfc2409\_prime\_1024() by default. If you want to load your own DH parameters add them PEM encoded to the certificate file given in tls\_cert\_file. Do not forget to re-add them after updating your certificate.\\
acceptable for the ``mandatory'' security level, again in
\verb|main.cf|:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers=high
- tls_high_cipherlist=%*\cipherstringB*)
- tls_high_cipherlist=@@@CIPHERSTRINGB@@@
++ tls_high_cipherlist=%*\cipherStringB*)
\end{lstlisting}
Then, we configure the MSA smtpd in \verb|master.cf| with two
\subsubsection{How to test}
You can check the effect of the settings with the following command:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
- $ zegrep "TLS connection established from.*with cipher" | /var/log/mail.log | awk '{printf("%s %s %s %s\n", $12, $13, $14, $15)}' | sort | uniq -c | sort -n
+ $ zegrep "TLS connection established from.*with cipher" /var/log/mail.log | awk '{printf("%s %s %s %s\n", $12, $13, $14, $15)}' | sort | uniq -c | sort -n
1 SSLv3 with cipher DHE-RSA-AES256-SHA
23 TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384
60 TLSv1 with cipher ECDHE-RSA-AES256-SHA
%\end{lstlisting}
The cipher used is written to the logfiles by default. You may want to add
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
- log_selector = <....whatever your log_selector already contains...> \
+ log_selector = <whatever your log_selector already contains> \
+tls_certificate_verified +tls_peerdn +tls_sni
\end{lstlisting}
to get even more TLS information logged.
\end{lstlisting}
The cipher used is written to the logfiles by default. You may want to add
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
- log_selector = <....whatever your log_selector already contains...> \
+ log_selector = <whatever your log_selector already contains> \
+tls_certificate_verified +tls_peerdn +tls_sni
\end{lstlisting}
to get even more TLS information logged.
As of squid-3.2.7 (01 Feb 2013) there is support for the OpenSSL NO\_Compression option within squid config (CRIME attack) and if you combine that in the config file, with an enforcement of the server cipher preferences (BEAST Attack) you are safe.
\paragraph*{squid.conf}\mbox{}\\
- squid.conf
\todo{UNTESTED!}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
options=NO_SSLv2,NO_TLSv1,NO_Compression,CIPHER_SERVER_PREFERENCE
- cipher=%*\cipherstringB*)
-cipher=@@@CIPHERSTRINGB@@@
++cipher=%*\cipherStringB*)
\end{lstlisting}
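Review bot: The squid `options=` line sets `NO_SSLv2` and `NO_TLSv1` but not `NO_SSLv3`, which leaves SSLv3 enabled while turning TLSv1 off. That is the reverse of the other listings on this page (Apache `-SSLv2 -SSLv3`, Postfix `!SSLv2, !SSLv3`, lighttpd `ssl.use-sslv3 = "disable"`). It looks like `options=NO_SSLv2,NO_SSLv3,NO_Compression,CIPHER_SERVER_PREFERENCE` was intended. The line is unchanged context in this hunk and the block is marked `\todo{UNTESTED!}`, so confirm against the squid release named in the paragraph above before changing it. The "you are safe" wording in that paragraph is stronger than an untested configuration supports.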
AddHeader "Front-End-Https: on"
Cert "/path/to/your/cert.pem"
## See 'man ciphers'.
- Ciphers "TLSv1.2:TLSv1.1:!SSLv3:!SSLv2:%*\cipherstringB*)"
- Ciphers "TLSv1.2:TLSv1.1:!SSLv3:!SSLv2:@@@CIPHERSTRINGB@@@"
++ Ciphers "TLSv1.2:TLSv1.1:!SSLv3:!SSLv2:%*\cipherStringB*)"
Service
BackEnd
Address 10.20.0.10
%%----------------------------------------------------------------------
\subsection{OpenSSH}
- \subsubsection{Tested with Version} OpenSSH 6.1
+ \subsubsection{Tested with Version} OpenSSH 6.4 (Debian jessie)
\subsubsection{Settings}
\paragraph*{sshd\_config}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
# ...
Protocol 2
\subsection{Cisco IOS}
\subsubsection{Tested with Version} 15.0, 15.1, 15.2
\subsubsection{Settings}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
- crypto key generate rsa modulus 2048 label SSH-KEYS
+ crypto key generate rsa modulus 4096 label SSH-KEYS
++\begin{lstlisting}[breaklines]
ip ssh rsa keypair-name SSH-KEYS
ip ssh version 2
ip ssh dh min size 2048
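Review bot: The merged text appears to contain two opening lines for this one listing, the plain `\begin{lstlisting}` before `crypto key generate rsa modulus 4096 label SSH-KEYS` and a `\begin{lstlisting}[breaklines]` added after it. If both survive in the result, the second is typeset verbatim inside the listing, in the middle of the IOS commands readers will copy. The diff markers on this page are ambiguous, so check the merged file and drop the second line if it is there. The end of the listing is outside this hunk.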
% ----------------------------------------------------------------------
\subsection{OpenVPN}
-\begin{description}
-
-\item[Tested with Version:] \mbox{}\\
+\subsubsection{Tested with Version}
\begin{itemize}
-\item OpenVPN 2.3.2 from Debian ``wheezy-backports'' linked against openssl (libssl.so.1.0.0)
-\item OpenVPN 2.2.1 from Debian Wheezy linked against openssl
+ \item OpenVPN 2.3.2 from Debian ``wheezy-backports'' linked against openssl (libssl.so.1.0.0)
- \item OpenVPN 2.2.1 from Debian 7.0 linked against openssl (libssl.so.1.0.0)
++ \item OpenVPN 2.2.1 from Debian Wheezy linked against openssl
+ (libssl.so.1.0.0)
-\item OpenVPN 2.3.2 for Windows
+ \item OpenVPN 2.3.2 for Windows
\end{itemize}
-\item[Settings:] \mbox{}
-
-\paragraph{General}\mbox{}
+\subsubsection{Settings}
+\paragraph{General}\mbox{}\\
We describe a configuration with certificate-based authentication; see
below for details on the \verb|easyrsa| tool to help you with that.
configuring a shorter interval, or switch to a byte- or packet-based
interval (\verb|reneg-bytes| or \verb|reneg-pkts|).
-\paragraph{Fixing ``easy-rsa''}\mbox{}
-
+\paragraph{Fixing ``easy-rsa''}\mbox{}\\
When installing an OpenVPN server instance, you are probably using
- {\it easy-rsa} to generate keys and certificates.
+ \emph{easy-rsa} to generate keys and certificates.
The file \verb|vars| in the easyrsa installation directory has a
number of settings that should be changed to secure values:
of \verb|sha1| with \verb|sha256|, to sign the certificates with
SHA256.
-\item[Limitations:] \mbox{}
- \subsubsection{Limitations}
- Note that the ciphersuites shown by \verb|openvpn --show-tls| are {\it
- known}, but not necessarily {\it
- supported} \footnote{\url{https://community.openvpn.net/openvpn/ticket/304}}.
- Note that the ciphersuites shown by \verb|openvpn --show-tls| are
- \emph{known}, but not necessarily \emph{supported}
- \footnote{\url{https://community.openvpn.net/openvpn/ticket/304}}.
++Note that the ciphersuites shown by \verb|openvpn --show-tls| are
++\emph{known}, but not necessarily \emph{supported}
++\footnote{\url{https://community.openvpn.net/openvpn/ticket/304}}.
Which cipher suite is actually used can be seen in the logs:
-%%\subsection{Webservers}
-
%%----------------------------------------------------------------------
- Please note, that any cipher suite starting with ECDHE can be omitted, if in doubt.
++Note that any cipher suite starting with EECDH can be omitted, if in doubt.
++(Compared to the theory section, EECDH in Apache and ECDHE in OpenSSL are
++synonyms~\footnote{https://www.mail-archive.com/openssl-dev@openssl.org/msg33405.html})
+
\subsection{Apache}
-
- \subsubsection{Tested with Versions}
+ \subsubsection{Tested with Versions}
\begin{itemize}
- \item Apache2/2.2.22-13 with OpenSSL 1.0.1e on Debian Wheezy (ciphers with Forward Secrecy are not chosen with Internet Explorer on Windows)
-\item Apache 2.2.22 linked against OpenSSL 1.0.1e, Debian Wheezy
-\item Apache 2.4.6 linked against OpenSSL 1.0.1e, Debian Jessie
++ \item Apache 2.2.22 linked against OpenSSL 1.0.1e, Debian Wheezy
++ \item Apache 2.4.6 linked against OpenSSL 1.0.1e, Debian Jessie
\end{itemize}
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCompression off
+ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
+ SSLSessionCacheTimeout 300
# Add six earth month HSTS header for all users...
- Header add Strict-Transport-Security "max-age=15768000"
+ Header always set Strict-Transport-Security "max-age=15768000"
# If you want to protect all subdomains, use the following header
# ALL subdomains HAVE TO support https if you use this!
- # Strict-Transport-Security: max-age=15768000 ; includeSubDomains
-
- SSLCipherSuite '@@@CIPHERSTRINGB@@@'
+ # Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
- SSLCipherSuite '%*\cipherstringB*)'
++ SSLCipherSuite '%*\cipherStringB*)'
\end{lstlisting}
-Note that any cipher suite starting with EECDH can be omitted, if in doubt.
-(Compared to the theory section, EECDH in Apache and ECDHE in OpenSSL are
-synonyms~\footnote{https://www.mail-archive.com/openssl-dev@openssl.org/msg33405.html})
--
\subsubsection{Additional settings}
+You might want to redirect everything to \emph{https://} if possible. In Apache
+you can do this with the following setting inside of a VirtualHost environment:
-You might want to redirect everything to http\textbf{s}:// if possible. In Apache you can do this with the following setting inside of a VirtualHost environment:
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
<VirtualHost *:80>
- #...
- RewriteEngine On
- RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]
- #...
+ RewriteEngine On
+ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]
</VirtualHost>
\end{lstlisting}
\subsubsection{How to test}
- See section \ref{section:Tools}
+ See appendix \ref{cha:tools}
-%%\end{description}
-
-
%%----------------------------------------------------------------------
\subsection{lighttpd}
-\todo{sebix: add/test ssl.ec-curve and ssl.dh-file; see \url{http://redmine.lighttpd.net/projects/1/wiki/Docsr\_SSL\#Diffie-Hellman-and-Elliptic-Curve-Diffie-Hellman-parameters}}
+
-%%\begin{description}
-\subsubsection{Tested with Version}
+\subsubsection{Tested with Versions}
++\todo{sebix: add/test ssl.ec-curve and ssl.dh-file; see \url{http://redmine.lighttpd.net/projects/1/wiki/Docsr\_SSL\#Diffie-Hellman-and-Elliptic-Curve-Diffie-Hellman-parameters}}
\begin{itemize}
-\item lighttpd/1.4.31-4 with OpenSSL 1.0.1e on Debian Wheezy
-\item lighttpd/1.4.33 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
-\item lighttpd/1.4.28-2 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
+ \item lighttpd/1.4.31-4 with OpenSSL 1.0.1e on Debian Wheezy
+ \item lighttpd/1.4.33 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
+ \item lighttpd/1.4.28-2 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
\end{itemize}
ssl.engine = "enable"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
- #ssl.use-compression obsolete >= 1.4.3.1
ssl.pemfile = "/etc/lighttpd/server.pem"
- ssl.cipher-list = "%*\cipherstringB*)"
- ssl.cipher-list = "@@@CIPHERSTRINGB@@@"
++ ssl.cipher-list = "%*\cipherStringB*)"
ssl.honor-cipher-order = "enable"
- setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=31536000")
+ setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=15768000") # six months
+ # use this only if all subdomains support HTTPS!
+ # setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=15768000; includeSubDomains")
}
\end{lstlisting}
\subsubsection{Additional settings}
- As for any other webserver, you might want to automatically redirect http
++As for any other webserver, you might want to automatically redirect \emph{http://}
+traffic towards \emph{https://}. It is also recommended to set the environment
- variable \emph{HTTPS}, PHP applications can then detect that HTTPS is in use.
++variable \emph{HTTPS}, PHP applications run by the webserver can then detect,
++that HTTPS is in use.
-As for any other webserver, you might want to automatically redirect http
-traffic toward http\textbf{s}:// It is also recommended to set the environment variable
-\emph{HTTPS}, so the applications run by the webserver can easily detect, that
-HTTPS is in use.
-
-
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$HTTP["scheme"] == "http" {
# capture vhost name with regex conditiona -> %0 in redirect pattern
# must be the most inner block to the redirect rule
Support for other SSL-libraries like GnuTLS will be available in the upcoming
2.x branch, which is currently under development.
-
\subsubsection{References}
-
\begin{itemize}
- \item HTTPS redirection: \url{http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps}
- \item Lighttpd Docs SSL: \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs\_SSL}
- \item Release 1.4.30 (How to mitigate BEAST attack) \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1\_4\_30}
- \item SSL Compression disabled by default: \url{http://redmine.lighttpd.net/issues/2445}
+ \item HTTPS redirection: \url{http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps}
+ \item Lighttpd Docs SSL: \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs\_SSL}
+ \item Release 1.4.30 (How to mitigate BEAST attack) \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1\_4\_30}
+ \item SSL Compression disabled by default: \url{http://redmine.lighttpd.net/issues/2445}
\end{itemize}
-
-
-
\subsubsection{How to test}
- See section \ref{section:Tools}
+ See appendix \ref{cha:tools}
+
-
%%----------------------------------------------------------------------
\subsection{nginx}
\subsubsection{Settings}
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive
- ssl_ciphers '%*\cipherstringB*)';
- ssl_ciphers '@@@CIPHERSTRINGB@@@';
- add_header Strict-Transport-Security max-age=2592000;
++ ssl_ciphers '%*\cipherStringB*)';
+ add_header Strict-Transport-Security "max-age=15768000; includeSubDomains"
\end{lstlisting}
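Review bot: The new `add_header Strict-Transport-Security "max-age=15768000; includeSubDomains"` line has no terminating `;`, so the listing as printed is not valid nginx configuration. It also turns on `includeSubDomains` unconditionally, whereas the Apache and lighttpd listings keep that variant commented out with the warning that all subdomains must support HTTPS. Suggest `add_header Strict-Transport-Security "max-age=15768000";` as the default, with the `includeSubDomains` form as a commented alternative carrying the same warning.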
If you absolutely want to specify your own DH parameters, you can specify them via
ssl_ecdh_curve secp384r1;
\end{lstlisting}
-You might want to redirect everything to http\textbf{s}:// if possible. In Nginx you can do this with the following setting:
+You might want to redirect everything to \emph{https://} if possible. In Nginx you can do this with the following setting:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
- rewrite ^(.*) https://$host$1 permanent;
+ return 301 https://$host$request_uri;
\end{lstlisting}
\end{itemize}
\subsubsection{How to test}
- See section \ref{section:Tools}
+ See appendix \ref{cha:tools}
-
-
-
-
%%----------------------------------------------------------------------
\subsection{MS IIS}
\label{sec:ms-iis}
% add any further references or best practice documents here
\subsubsection{How to test}
- See section \ref{section:Tools}
+ See appendix \ref{cha:tools}
-
%\end{description}
+
+ %%% Local Variables:
+ %%% mode: latex
+ %%% TeX-master: "../applied-crypto-hardening"
+ %%% End:
This results in the OpenSSL string:
%'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'
-\begin{lstlisting}[breaklines]
-@@@CIPHERSTRINGB@@@
+\begin{lstlisting}
- %*\cipherstringB*)
++%*\cipherStringB*)
\end{lstlisting}
\todo{make a column for cipher chaining mode}