all: pdf html md
-%_generated.tex: %.tex
- ./perlify.pl
-
pdf:
./update-metadata-for-gitinfo
- ./perlify.pl
pdflatex applied-crypto-hardening
bibtex applied-crypto-hardening
while grep -s "Rerun to get cross-references right" \
\begin{minipage}[b]{0.5\linewidth}
\center
Brown, Scott \\
-G\"uhring Philipp \\
+Gühring Philipp \\
Grigg, Ian \\
Horenbeck, Maarten \\
Kovacic, Daniel \\
Palfrader, Peter \\
Pichler, Patrick \\
Petukhova, Anna (Logo) \\
-P\"oschl, Ulrich \\
+Pöschl, Ulrich \\
San, Berg \\
Schreck, Thomas \\
Seidl, Eva (PDF layout) \\
-Wagner, Sebastian (``sebix'') \\
+Wagner, Sebastian («sebix») \\
Zangerl, Alexander \\
\end{minipage}
}
@misc{muenz-compression,
- author = {{G. M\"unz and L. Braun}},
+ author = {{G. Münz and L. Braun}},
title = {Lossless Compression for IP Flow Information Export (IPFIX)},
howpublished = {https://tools.ietf.org/html/draft-muenz-ipfix-compression-00},
year = 2008,
\usepackage[english]{babel} % English language/hyphenation
+\usepackage[utf8]{inputenc} % UTF-8 as input-encoding
\usepackage[protrusion=true,expansion=true]{microtype} % Better typography
\usepackage{amsmath,amsfonts,amsthm} % Math packages
\usepackage[pdftex]{graphicx} % Enable pdflatex
\usepackage{acronym}
\usepackage{amsthm}
\usepackage{fancyvrb}
+\usepackage{upquote} % For correct single quotes in listings
\usepackage{listings}
\usepackage{longtable}
% \usepackage[T1]{fontenc}
% \usepackage{textcomp}
+% This block is for listings
+\usepackage[framemethod=TikZ]{mdframed} % mdframed is used to draw a grey box
+\mdfdefinestyle{listingstyle}{
+ backgroundcolor=black!10,outerlinewidth=0,outerlinecolor=black,
+ innerleftmargin=0,innerrightmargin=0,innertopmargin=0pt,innerbottommargin=0pt
+}
+\usepackage{amssymb}% for \curvearrowright
+% Insert a grey box behind the listing for uniform background color (The \cipherstring would the listing and the background would turn white)
+\BeforeBeginEnvironment{lstlisting}{\vspace{0.2cm}\begin{mdframed}[style=listingstyle]}
+\AfterEndEnvironment{lstlisting}{\end{mdframed}}
\lstset{
%language=Bash, % Code langugage
basicstyle=\ttfamily, % Code font, Examples: \footnotesize, \ttfamily
breaklines=true, % Automatic line breaking?
breakatwhitespace=false, % Automatic breaks only at whitespace?
showspaces=false, % Dont make spaces visible
+showstringspaces=false,
showtabs=false, % Dont make tabls visible
-columns=fixed, % Column format
+columns=fullflexible, % Column format: no spaces are inserted for monospaced appearance
morekeywords={__global__, __device__}, %
+escapeinside={\%*}{*)}, % Escape TeX commands inside %* and *)
+prebreak=\mbox{$\curvearrowright$}, % Disply curved arrow before linebreak
+xrightmargin=1.8pt,
}
%\vskip 0.5em
\author{Wolfgang Breyha, David Durvaux, Tobias Dussa, L. Aaron
Kaplan, Florian Mendel, Christian Mock, Manuel Koschuch, Adi
- Kriegisch, Ulrich P\"oschl, Ramin Sabet, Berg San, Ralf Schlatterbeck,
+ Kriegisch, Ulrich Pöschl, Ramin Sabet, Berg San, Ralf Schlatterbeck,
Thomas Schreck, Aaron Zauner, Pepi Zawodsky}
%\institute{
%FH Campus Wien
% hyperref needs to be the last package you load.
\usepackage[pdftex,breaklinks,colorlinks,linkcolor=darkblue,citecolor=blue,urlcolor=blue]{hyperref}
+% CIPHERSTRING
+\usepackage{seqsplit} % Use Sequence split. Basically it inserts between every character pair a box with zero width to allow linebreaks everywhere. Better solution wanted, but is there any better?
+\newcommand{\cipherstringB}{\seqsplit{EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA}}
%%% Begin document
\begin{document}
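Review bot: The `escapeinside={\%*}{*)}` delimiters chosen on the \lstset line are ordinary text in the kind of listings this document carries: `%*` is a printf width specifier (`%*d`) and `*)` closes the default arm of a shell `case`, so any future listing containing either will silently be parsed as TeX instead of printed. A more distinctive pair such as `escapeinside={(*@}{@*)}` avoids that collision; the five `%*\cipherstringB*)` call sites in the other files would change with it. Separately, `prebreak=\mbox{$\curvearrowright$}` places the arrow glyph in the page text, so a cipher string copied out of the PDF across a wrapped line may carry the arrow into the config file, where the affected element is presumably dropped by the TLS library without any error; a sentence next to the `\cipherstringB` definition telling readers to take the string from the source rather than from a wrapped PDF line seems worth adding.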
+++ /dev/null
-EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
\epigraph{``Encryption works. Properly implemented strong crypto systems are
one of the few things that you can rely on. Unfortunately, endpoint security is
-so terrifically weak that NSA can frequently find ways around it.''}{-— Edward
+so terrifically weak that NSA can frequently find ways around it.''}{--- Edward
Snowden, answering questions live on the Guardian's
website\cite{snowdenGuardianGreenwald}}
+++ /dev/null
-#!/usr/bin/env perl
-
-use strict;
-use File::Basename;
-
-my $debug=1;
-my @exclude=('DH.tex', 'ECC.tex', 'LATER.tex', 'PKIs.tex', 'RNGs.tex', 'abstract.tex', 'acknowledgements.tex', 'applied-crypto-hardening.tex', 'bib.tex', 'cipher_suites.tex', 'disclaimer.tex', 'further_research.tex', 'howtoread.tex', 'keylengths.tex', 'links.tex', 'methods.tex', 'motivation.tex', 'practical_settings.tex', 'reviewers.tex', 'scope.tex', 'ssllibs.tex', 'suggested_reading.tex', 'template.tex', 'tools.tex');
-
-my $cipherStrB=`cat cipherStringB.txt`;
-chomp $cipherStrB;
-
-my @files=`find . -name "*.tex" -a \! -name "*_generated.tex" -print`;
-my $f;
-
-foreach $f ( @files) {
- chomp $f;
- $f =~ /(.*)\.tex/;
- my $fbasename = basename($f);
- my $ftex = "$1_generated.tex";
-
- system("grep", "-q", "\@\@\@CIPHERSTRINGB\@\@\@" , $f);
- if ($? eq 0 ) { #and not (/$fbasename/ ~~ @exclude)) {
-
- print "file = $f\n" if $debug;
- print "ftex = $ftex\n" if $debug;
-
- open(FH, "<", $f ) or die "could not open file $f: $!";
- open(FHOUT, ">", $ftex ) or die "could not open file $ftex: $!";
-
- while (<FH>) {
- $_ =~ s/\@\@\@CIPHERSTRINGB\@\@\@/$cipherStrB/g;
- print FHOUT $_;
- }
- }
- else {
- print "skipping file $f\n" if $debug;
- }
-}
\label{section:PracticalSettings}
\section{Webservers}
-\input{"./practical_settings/webserver_generated.tex"}
+\input{"./practical_settings/webserver.tex"}
%\newpage
\section{SSH}
%\newpage
\section{Mail Servers}
-\input{"./practical_settings/mailserver_generated.tex"}
+\input{"./practical_settings/mailserver.tex"}
%\newpage
%\newpage
\section{Intercepting proxy solutions and reverse proxies}
-\input{"./practical_settings/proxy_solutions_generated.tex"}
+\input{"./practical_settings/proxy_solutions.tex"}
% This list is based on : http://en.wikipedia.org/wiki/Relational_database_management_system#Market_share
%% ----------------------------------------------------------------------
-\subsubsection{Oracle}
-\begin{description}
-\item[Tested with Version:] not tested
+\subsection{Oracle}
+%\subsubsection{Tested with Version}
+\todo{not tested yet}
-\item[References:] (German)
-{\small \url{http://www.telekom.com/static/-/155996/7/technische-sicherheitsanforderungen-si}}
+\subsubsection{References}
+\begin{itemize}
+ \item Technical safety requirements by \emph{Deutsche Telekom AG} (German). Please read section 17.12 or pages 129 and following (Req 396 and Req 397) about SSL and ciphersuites \url{http://www.telekom.com/static/-/155996/7/technische-sicherheitsanforderungen-si}
+\end{itemize}
-Please read the following pages about SSL and ciphersuites:\\
-p. 129 -Req 396 and Req 397 \\
-
-\end{description}
%% ----------------------------------------------------------------------
\subsubsection{SQL Server}
-
%% ----------------------------------------------------------------------
-\subsubsection{MySQL}
-
-\begin{description}
-\item[Tested with Version:] Debian 7.0 and MySQL 5.5
+\subsection{MySQL}
+\subsubsection{Tested with Version}
+\begin{itemize}
+ \item Debian 7.0 and MySQL 5.5
+\end{itemize}
-\item[Settings:] \mbox{}
-\paragraph*{my.cnf}\mbox{}\\
-
-\begin{lstlisting}[breaklines]
+\subsubsection{Settings}
+\paragraph*{my.cnf}
+\begin{lstlisting}
[mysqld]
ssl
ssl-ca=/etc/mysql/ssl/ca-cert.pem
ssl-cipher=EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256:EECDH:EDH+aRSA:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128:!ECDSA:AES256-SHA
\end{lstlisting}
-\item[Additional settings:]
-
+%\subsubsection{Additional settings}
-\item[Justification for special settings (if needed):]
+%\subsubsection{Justification for special settings (if needed)}
% in case you have the need for further justifications why you chose this and that setting or if the settings do not fit into the standard Variant A or Variant B schema, please document this here
-\item[References:]
-{\small \url{https://dev.mysql.com/doc/refman/5.5/en/ssl-connections.html}}
+\subsubsection{References}
+\begin{itemize}
+ \item MySQL Documentation on SSl Connections: \url{https://dev.mysql.com/doc/refman/5.5/en/ssl-connections.html}
+\end{itemize}
-\item[How to test:]
+\subsubsection{How to test}
After restarting the server run the following query to see if the ssl settings are correct:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
show variables like '%ssl%';
\end{lstlisting}
-\end{description}
-
-
%% ----------------------------------------------------------------------
-\subsubsection{DB2}
-\begin{description}
-\item[Tested with Version:] not tested
+\subsection{DB2}
+\subsubsection{Tested with Version}
+\todo{not tested}
-\item[References:]
-{\small \url{http://pic.dhe.ibm.com/infocenter/db2luw/v9r7/index.jsp?topic=%2Fcom.ibm.db2.luw.admin.sec.doc%2Fdoc%2Fc0053544.html}}
+\subsubsection{References}
+\begin{itemize}
+ \item IMB Db2 Documentation on \emph{Supported cipher suites} \url{http://pic.dhe.ibm.com/infocenter/db2luw/v9r7/index.jsp?topic=\%2Fcom.ibm.db2.luw.admin.sec.doc\%2Fdoc\%2Fc0053544.html}
+\end{itemize}
-\paragraph*{ssl\_cipherspecs}\mbox{}\\
-In the link above the whole SSL-configuration is described in-depth. The following command shows only how to set the recommended ciphersuites.
-\begin{lstlisting}[breaklines]
+
+\subsubsection{Settings}
+\paragraph*{ssl\_cipherspecs}
+In the link above the whole SSL-configuration is described in-depth. The following command shows only how to set the recommended ciphersuites:
+\begin{lstlisting}
# recommended and supported ciphersuites
db2 update dbm cfg using SSL_CIPHERSPECS
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
-
\end{lstlisting}
-\end{description}
%% ----------------------------------------------------------------------
+\subsection{PostgreSQL}
+\subsubsection{Tested with Versions}
+\begin{itemize}
+ \item Debian 7.0 and PostgreSQL 9.1
+ \item Linux Mint 14 nadia / Ubuntu 12.10 quantal with PostgreSQL 9.1+136 and OpenSSL 1.0.1c
+\end{itemize}
-\subsubsection{PostgreSQL}
-\begin{description}
-\item[Tested with Version:] Debian 7.0 and PostgreSQL 9.1
+\subsubsection{References}
+\begin{itemize}
+ \item It's recommended to read {\small \url{http://www.postgresql.org/docs/9.1/interactive/runtime-config-connection.html\#RUNTIME-CONFIG-CONNECTION-SECURITY}} (please edit the version with your preferred one).
+ \item PostgreSQL Documentation on \emph{Secure TCP/IP Connections with SSL}: \url{http://www.postgresql.org/docs/9.1/static/ssl-tcp.html}
+\end{itemize}
-\item[References:]
-It's recommended to read
+\subsubsection{Settings}
+To start in SSL mode the server.crt and server.key must exist in the server's data directory \$PGDATA.
-{\small \url{http://www.postgresql.org/docs/X.X/interactive/runtime-config-connection.html\#RUNTIME-CONFIG-CONNECTION-SECURITY}}
-(please change X.X with your preferred version e.g. 9.1).
+Starting with version 9.2, you have the possibility to set the path manually.
-\item[Settings:] \mbox{}
-
-
-To start in SSL mode the server.crt and server.key must exist in the server's data directory \$PGDATA.
-
-Starting with version 9.2, you have the possibility to set the path.
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
ssl_key_file = '/your/path/server.key'
ssl_cert_file = '/your/path/server.crt'
ssl_ca_file = '/your/path/root.crt'
\end{lstlisting}
-\paragraph*{postgresql.conf}\mbox{}\\
-\begin{lstlisting}[breaklines]
+\paragraph*{postgresql.conf}\mbox{}\\
+\begin{lstlisting}
#>=8.3
ssl = on
ssl_ciphers = 'EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256:EECDH:EDH+aRSA:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128:!ECDSA:AES256-SHA'
\end{lstlisting}
-
-\item[How to test:]
+\subsubsection{How to test}
To test your ssl settings, run psql with the sslmode parameter:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
psql "sslmode=require host=postgres-server dbname=database" your-username
\end{lstlisting}
-\end{description}
-
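Review bot: Two typos in the new reference bullets: the MySQL item reads `MySQL Documentation on SSl Connections` (`SSL`) and the DB2 item reads `IMB Db2 Documentation` (`IBM`); both are added lines in this hunk. The MySQL `ssl-cipher=` and PostgreSQL `ssl_ciphers =` listings left untouched here also differ from the `\cipherstringB` macro this commit introduces (`!AES128:!CAMELLIA128` versus the macro's `+CAMELLIA128:+AES128`); if that is deliberate, a comment such as `% intentionally stricter than \cipherstringB: 256-bit suites only` above those listings would stop the next editor from "fixing" it, and if it is not, they are candidates for `%*\cipherstringB*)` like the other files.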
\subsubsection{Hashing}
Avoid SHA-1 in GnuPG. Edit \$HOME/.gnupg/gpg.conf:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
# according to: https://www.debian-administration.org/users/dkg/weblog/48
personal-digest-preferences SHA256
cert-digest-algo SHA256
%%\subsection{Instant Messaging Systems}
-\subsubsection{XMPP / Jabber}
+%\subsubsection{XMPP / Jabber}
-\subsubsection{General server configuration recommendations}
+\subsection{General server configuration recommendations}
For servers, we mostly recommend to apply what's proposed by the {\it Peter's manifesto}\footnote{https://github.com/stpeter/manifesto}.
The last point being out-of-scope for this section, we will only cover the first two points.
-\paragraph{ejabberd}
-\begin{description}
-\item[Tested with Version:] Debian Wheezy 2.1.10-4+deb7u1
-
-\item[Settings:] \mbox{}
+%%----------------------------------------------------------------------
+\subsection{ejabberd}
+\subsubsection{Tested with Version}
+\begin{itemize}
+ \item Debian Wheezy 2.1.10-4+deb7u1
+\end{itemize}
-ejabberd is one of the popular Jabber server. In order to be compliant
-with the manifesto, you should adapt your
-configuration\footnote{\url{http://www.process-one.net/docs/ejabberd/guide_en.html}}:
-\begin{lstlisting}[breaklines]
+\subsubsection{Settings}
+ejabberd is one of the popular Jabber server. In order to be compliant
+with the manifesto, you should adapt your configuration\footnote{\url{http://www.process-one.net/docs/ejabberd/guide_en.html}}:
+\begin{lstlisting}
{listen,
[
{5222, ejabberd_c2s, [
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
\end{lstlisting}
-\item[Additional settings:]
+\subsubsection{Additional settings}
Older Versions of ejabberd ($ < $ 2.0.0) need to be patched\footnote{\url{http://hyperstruct.net/2007/06/20/installing-the-startcom-ssl-certificate-in-ejabberd/}} to be able to parse all of the certificates in the CA chain.
Newer versions of ejabberd now support specifying the cipher string in the config file. See the commit message: \url{https://github.com/processone/ejabberd/commit/1dd94ac0d06822daa8c394ea2da20d91c8209124}. However, this change did not yet make it into the stable release at the time of this writing.
-\item[References:]
+\subsubsection{References}
-\item[How to test:] \url{https://xmpp.net} is a practical website to test Jabber Server configurations.
-\end{description}
+\subsubsection{How to test}
+\url{https://xmpp.net} is a practical website to test Jabber Server configurations.
-\subsubsection{Chat privacy - Off-the-Record Messaging (OTR)}
+%%----------------------------------------------------------------------
+\subsection{Chat privacy - Off-the-Record Messaging (OTR)}
The OTR protocol works on top of the Jabber protocol\footnote{\url{https://otr.cypherpunks.ca/Protocol-v3-4.0.0.html}}.
It adds to popular chat clients (Adium, Pidgin...) the following properties for encrypted chats:
It basically uses Diffie-Hellman, AES and SHA1. Communicating over an insecure instant messaging network, OTR can be used for end to end encryption.
-There are no specific configurations required but the protocol itself is worth to be mentioned.
+There are no specific configurations required but the protocol itself is worth being mentioned.
+
-\subsubsection{IRC}
+%%----------------------------------------------------------------------
+\subsection{Charybdis}
-There are numerous implementations of IRC servers. In this section, we choose {\it Charybdis} which serves as basis for {\it ircd-seven}\footnote{https://dev.freenode.net/redmine/projects/ircd-seven}, developed and used by freenode. Freenode is actually the biggest IRC network\footnote{http://irc.netsplit.de/networks/top10.php}. {\it Charybdis} is part of the {\it Debian} \& {\it Ubuntu} distributions.
+There are numerous implementations of IRC servers. In this section, we choose \emph{Charybdis} which serves as basis for \emph{ircd-seven}\footnote{https://dev.freenode.net/redmine/projects/ircd-seven}, developed and used by freenode. Freenode is actually the biggest IRC network\footnote{http://irc.netsplit.de/networks/top10.php}. \emph{Charybdis} is part of the \emph{Debian} \& \emph{Ubuntu} distributions.
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
/* Extensions */
# Some modules
#loadmodule "extensions/chm_sslonly_compat.so";
\end{lstlisting}
-\subsubsection{SILC}
+%%----------------------------------------------------------------------
+\subsection{SILC}
SILC\footnote{\url{http://www.silcnet.org/} and
\url{https://en.wikipedia.org/wiki/SILC_(protocol)}} is instant messaging
\subsubsection{Settings}
% Example: http://dovecot.org/list/dovecot/2013-October/092999.html
-\begin{lstlisting}[breaklines]
- ssl_cipher_list = '@@@CIPHERSTRINGB@@@'
+\begin{lstlisting}
+ ssl_cipher_list = '%*\cipherstringB*)'
ssl_prefer_server_ciphers = yes
\end{lstlisting}
\subsubsection{How to test}
% describe here or point the admin to tools (can be a simple footnote or \ref{} to the tools section) which help the admin to test his settings.
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
openssl s_client -crlf -connect SERVER.TLD:993
\end{lstlisting}
\paragraph*{imapd.conf}\mbox{}\\
To activate SSL/TLS configure your certificate with
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls_cert_file: .../cert.pem
tls_key_file: .../cert.key
\end{lstlisting}
Limiting the ciphers provided may force (especially older) clients to connect without encryption at all! Sticking to the defaults is recommended.\\
If you still want to force strong encryption use
-\begin{lstlisting}[breaklines]
- tls_cipher_list: @@@CIPHERSTRINGB@@@
+\begin{lstlisting}
+ tls_cipher_list: %*\cipherstringB*)
\end{lstlisting}
cyrus-imapd loads hardcoded 1024 bit DH parameters using get\_rfc2409\_prime\_1024() by default. If you want to load your own DH parameters add them PEM encoded to the certificate file given in tls\_cert\_file. Do not forget to re-add them after updating your certificate.\\
To prevent unencrypted connections on the STARTTLS ports you can set
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
allowplaintext: 0
\end{lstlisting}
This way MUAs can only authenticate after STARTTLS if you only provide plaintext and SASL PLAIN login methods. Therefore providing CRAM-MD5 or DIGEST-MD5 methods is not recommended.\\
\paragraph*{cyrus.conf}\mbox{}\\
To support POP3/IMAP on ports 110/143 with STARTTLS add
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
imap cmd="imapd" listen="imap" prefork=3
pop3 cmd="pop3d" listen="pop3" prefork=1
\end{lstlisting}
to the SERVICES section.\\
To support POP3S/IMAPS on ports 995/993 add
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
imaps cmd="imapd -s" listen="imaps" prefork=3
pop3s cmd="pop3d -s" listen="pop3s" prefork=1
\end{lstlisting}
\url{https://bugzilla.cyrusimap.org/show_bug.cgi?id=3823}\\
\subsubsection{How to test}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
openssl s_client -crlf -connect SERVER.TLD:993
\end{lstlisting}
%% First, you need to generate Diffie Hellman parameters (please first take a look at the section \ref{section:RNGs}):
%% \todo{FIXME: this is a really weak setting! See also: http://postfix.1071664.n5.nabble.com/postfix-hardening-what-can-we-do-td61874.html}
-%% \begin{lstlisting}[breaklines]
+%% \begin{lstlisting}
%% % openssl gendh -out /etc/postfix/dh_param_512.pem -2 512
%% % openssl gendh -out /etc/postfix/dh_param_1024.pem -2 1024
%% \end{lstlisting}
%% Next, we specify these DH parameters in \verb|main.cf|:
-%% \begin{lstlisting}[breaklines]
+%% \begin{lstlisting}
%% smtpd_tls_dh512_param_file = /etc/postfix/dh_param_512.pem
%% smtpd_tls_dh1024_param_file = /etc/postfix/dh_param_1024.pem
%% \end{lstlisting}
restrict the list of ciphers. There are still some steps needed to
enable TLS, all in \verb|main.cf|:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
smtpd_tls_cert_file = /etc/postfix/server.pem
smtpd_tls_key_file = /etc/postfix/server.key
# use 0 for Postfix >= 2.9, and 1 for earlier versions
acceptable for the ``mandatory'' security level, again in
\verb|main.cf|:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_ciphers=high
- tls_high_cipherlist=@@@CIPHERSTRINGB@@@
+ tls_high_cipherlist=%*\cipherstringB*)
\end{lstlisting}
Then, we configure the MSA smtpd in \verb|master.cf| with two
additional options that are only used for this instance of smtpd:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
587 inet n - - - - smtpd
-o smtpd_tls_security_level=encrypt -o tls_preempt_cipherlist = yes
\end{lstlisting}
For those users who want to use ECC key exchange, it is possible to specify this via:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
smtpd_tls_eecdh_grade = ultra
\end{lstlisting}
\subsubsection{How to test}
You can check the effect of the settings with the following command:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$ zegrep "TLS connection established from.*with cipher" | /var/log/mail.log | awk '{printf("%s %s %s %s\n", $12, $13, $14, $15)}' | sort | uniq -c | sort -n
1 SSLv3 with cipher DHE-RSA-AES256-SHA
23 TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384
335 TLSv1 with cipher DHE-RSA-AES256-SHA
\end{lstlisting}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
openssl s_client -starttls smtp -crlf -connect SERVER.TLD:25
\end{lstlisting}
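Review bot: The test command in the Postfix "How to test" listing is broken as written: `$ zegrep "TLS connection established from.*with cipher" | /var/log/mail.log | awk ...` pipes zegrep's output (from an empty stdin) into the log file as if it were a program instead of giving the file to zegrep. It should read `$ zegrep "TLS connection established from.*with cipher" /var/log/mail.log | awk '{printf("%s %s %s %s\n", $12, $13, $14, $15)}' | sort | uniq -c | sort -n`. The master.cf line a few hunks up, `-o smtpd_tls_security_level=encrypt -o tls_preempt_cipherlist = yes`, also looks wrong: as far as I recall, master(5) splits `-o` arguments on whitespace, so the spaces around `=` would leave `tls_preempt_cipherlist` unset; `-o tls_preempt_cipherlist=yes` is the safe spelling. Both are context lines that the commit carries over unchanged.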
In the main config section of Exim add:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls_certificate = ..../cert.pem
tls_privatekey = ..../cert.key
\end{lstlisting}
don't forget to add intermediate certificates to the .pem file if needed.\\
\\
Tell Exim to advertise STARTTLS in the EHLO answer to everyone:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls_advertise_hosts = *
\end{lstlisting}
If you want to support legacy SMTPS on port 465, and STARTTLS on smtp(25)/submission(587) ports set
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
daemon_smtp_ports = smtp : smtps : submission
tls_on_connect_ports = 465
\end{lstlisting}
\mbox{}\\
It is highly recommended to limit SMTP AUTH to SSL connections only. To do so add
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
\end{lstlisting}
to every authenticator defined.\\
Add the following rules on top of your acl\_smtp\_mail:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
warn hosts = *
control = submission/sender_retain
\end{lstlisting}
% Exim maintainers do not recommend to change default ciphers
% I think we shouldn't, too
%use:
-%\begin{lstlisting}[breaklines]
+%\begin{lstlisting}
% tls_require_ciphers = <...recommended ciphersuite...>
%\end{lstlisting}
The cipher used is written to the logfiles by default. You may want to add
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
log_selector = <....whatever your log_selector already contains...> \
+tls_certificate_verified +tls_peerdn +tls_sni
\end{lstlisting}
In the main config section of Exim add:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls_certificate = ..../cert.pem
tls_privatekey = ..../cert.key
\end{lstlisting}
don't forget to add intermediate certificates to the .pem file if needed.\\
\\
Tell Exim to advertise STARTTLS in the EHLO answer to everyone:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls_advertise_hosts = *
\end{lstlisting}
Listen on smtp(25) port only
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
daemon_smtp_ports = smtp
\end{lstlisting}
% Exim maintainers do not recommend to change default ciphers
% We shouldn't, too
%use:
-%\begin{lstlisting}[breaklines]
+%\begin{lstlisting}
% tls_require_ciphers = <...recommended ciphersuite...>
%\end{lstlisting}
If you want to request and verify client certificates from sending hosts set
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls_verify_certificates = /etc/pki/tls/certs/ca-bundle.crt
tls_try_verify_hosts = *
\end{lstlisting}
tls\_try\_verify\_hosts only reports the result to your logfile. If you want to disconnect such clients you have to use
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls_verify_hosts = *
\end{lstlisting}
The cipher used is written to the logfiles by default. You may want to add
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
log_selector = <....whatever your log_selector already contains...> \
+tls_certificate_verified +tls_peerdn +tls_sni
\end{lstlisting}
Client mode settings have to be done in the configuration section of the smtp transport (driver = smtp).
If you want to use a client certificate (most server certificates can be used as client certificate, too) set
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls_certificate = .../cert.pem
tls_privatekey = .../cert.key
\end{lstlisting}
This is recommended for MTA-MTA traffic.\\
%If you want to limit used ciphers set
-%\begin{lstlisting}[breaklines]
+%\begin{lstlisting}
% tls_require_ciphers = <...recommended ciphersuite...>
%\end{lstlisting}
% Exim Maintainers do not recommend ciphers. We shouldn't do so, too.
\paragraph*{OpenSSL}\mbox{}\\
Exim already disables SSLv2 by default. We recommend to add
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
openssl_options = +all +no_sslv2 +no_compression +cipher_server_preference
\end{lstlisting}
to the main configuration.\\
\url{http://bugs.exim.org/show_bug.cgi?id=1397}
\paragraph*{How to test}\mbox{}\\
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
openssl s_client -starttls smtp -crlf -connect SERVER.TLD:25
\end{lstlisting}
squid.conf
\todo{UNTESTED!}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
options=NO_SSLv2,NO_TLSv1,NO_Compression,CIPHER_SERVER_PREFERENCE
-cipher=@@@CIPHERSTRINGB@@@
+cipher=%*\cipherstringB*)
\end{lstlisting}
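Review bot: The squid example's `options=NO_SSLv2,NO_TLSv1,NO_Compression,CIPHER_SERVER_PREFERENCE` disables TLS 1.0 but leaves SSLv3 enabled, which is the opposite of what the rest of the guide does (Apache `SSLProtocol All -SSLv2 -SSLv3`, Postfix `!SSLv2, !SSLv3`) and of the `NO_SSLv3` flag the very next listing documents. Unless SSLv3 is wanted for some legacy client, the line should read `options=NO_SSLv2,NO_SSLv3,NO_Compression,CIPHER_SERVER_PREFERENCE`; whether to keep `NO_TLSv1`, which locks out TLS 1.0-only clients, is a separate decision. The listing is still marked `\todo{UNTESTED!}`, so the corrected line needs the same caveat until someone verifies it.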
%% http://forum.pfsense.org/index.php?topic=63262.0
\todo{UNTESTED!}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
NO_SSLv2 Disallow the use of SSLv2
NO_SSLv3 Disallow the use of SSLv3
NO_TLSv1 Disallow the use of TLSv1.0
\todo{Patch here? Definitely working for 3.2.6!}
For squid Versions before 3.2.7 use this patch against a vanilla source-tree:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
--- support.cc.ini 2013-01-09 02:41:51.000000000 +0100
+++ support.cc 2013-01-21 16:13:32.549383848 +0100
@@ -400,6 +400,11 @@
\item[Only allow TLS 1.0,1.1 and 1.2 protocols:] \mbox{}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$conf t
$(config)ssl
$(config ssl)edit ssl-device-profile default
\item[Select your accepted cipher-suites:] \mbox{}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$conf t
Enter configuration commands, one per line. End with CTRL-Z.
$(config)proxy-services
The same protocols are available for forward proxy settings and should be adjusted accordingly:
In your local policy file add the following section:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
<ssl>
DENY server.connection.negotiated_ssl_version=(SSLV2, SSLV3)
\end{lstlisting}
Pound 2.6
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
# HTTP Listener, redirects to HTTPS
ListenHTTP
Address 10.10.0.10
AddHeader "Front-End-Https: on"
Cert "/path/to/your/cert.pem"
## See 'man ciphers'.
- Ciphers "TLSv1.2:TLSv1.1:!SSLv3:!SSLv2:@@@CIPHERSTRINGB@@@"
+ Ciphers "TLSv1.2:TLSv1.1:!SSLv3:!SSLv2:%*\cipherstringB*)"
Service
BackEnd
Address 10.20.0.10
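Review bot: In the Pound listener, `Ciphers "TLSv1.2:TLSv1.1:!SSLv3:!SSLv2:%*\cipherstringB*)"` uses OpenSSL cipher-list keywords as if they were protocol switches, which they are not: `!SSLv3` permanently removes every suite defined for SSLv3 (AES256-SHA, the CAMELLIA suites and so on, which TLS 1.0/1.1 also use), and the `+SSLv3`/`+AES256` entries inside the macro cannot bring them back because `!` is irrevocable. The likely effect is that only the TLS 1.2-only suites (AESGCM, SHA256, SHA384) survive, so TLS 1.0/1.1 clients get no shared cipher at all, while the SSLv3 protocol itself is still offered. If the intent is to disable SSLv3, that has to happen at the protocol level (Pound 2.6 as shown here does not appear to expose such a directive); the cipher line should then be simply `Ciphers "%*\cipherstringB*)"`.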
\subsection{OpenSSH}
\subsubsection{Tested with Version} OpenSSH 6.1
\subsubsection{Settings}
-\paragraph*{sshd_config}
-\begin{lstlisting}[breaklines]
+\paragraph*{sshd\_config}
+\begin{lstlisting}
# ...
Protocol 2
The openssh sshd\_config man page is the best reference: \url{http://www.openssh.org/cgi-bin/man.cgi?query=sshd_config}
\subsubsection{How to test}
Connect a client with verbose logging enabled to the SSH server \\
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$ ssh -vvv myserver.com
\end{lstlisting}and observe the key exchange in the output.
\subsection{Cisco ASA}
\subsubsection{Tested with Version} 9.1(3)
\subsubsection{Settings}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
crypto key generate rsa modulus 2048
ssh version 2
ssh key-exchange group dh-group14-sha1
\url{http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/admin\_management.html }
\subsubsection{How to test}
Connect a client with verbose logging enabled to the SSH server \\
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$ ssh -vvv myserver.com
\end{lstlisting}and observe the key exchange in the output.
\subsection{Cisco IOS}
\subsubsection{Tested with Version} 15.0, 15.1, 15.2
\subsubsection{Settings}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
crypto key generate rsa modulus 2048 label SSH-KEYS
ip ssh rsa keypair-name SSH-KEYS
ip ssh version 2
% add any further references or best practice documents here
\subsubsection{How to test}
Connect a client with verbose logging enabled to the SSH server \\
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$ ssh -vvv myserver.com
\end{lstlisting}and observe the key exchange in the output.
\subsubsection{Settings}
\paragraph*{Assumptions}\mbox{}\\
-
We assume the use of IKE (v1 or v2) and ESP for this document.
\paragraph*{Authentication}\mbox{}\\
-
IPSEC authentication should optimally be performed via RSA signatures,
with a key size of 2048 bits or more. Configuring only the trusted CA
that issued the peer certificate provides for additional protection
\end{table}
\paragraph*{Cryptographic Suites}\mbox{}\\
-
IPSEC Cryptographic Suites are pre-defined settings for all the items
of a configuration; they try to provide a balanced security level and
make setting up VPNs easier.
%----------------------------------------------------------------------
\subsection{Check Point FireWall-1}
-
-\begin{description}
-\item[Tested with Version:] \mbox{}
+
+\subsubsection{Tested with Version}
\begin{itemize}
-\item R77 (should work with any currently supported version)
+ \item R77 (should work with any currently supported version)
\end{itemize}
-\item[Settings:] \mbox{}
+\subsubsection{Settings}
Please see section \ref{section:IPSECgeneral} for guidance on
parameter choice. In this section, we will configure a strong setup
according to ``Configuration A''.
\label{fig:checkpoint_3}
\end{figure}
-\item[Additional settings:] \mbox{}
+\subsubsection{Additional settings}
For remote Dynamic IP Gateways, the settings are not taken from the
community, but set in the ``Global Properties'' dialog under ``Remote
Access'' / ``VPN Authentication and Encryption''. Via the ``Edit...''
Please note that these settings restrict the available algorithms for
\textbf{all} gateways, and also influence the VPN client connections.
-%\item[Justification for special settings (if needed):]
+%\subsubsection{Justification for special settings (if needed)}
-%\item[Limitations:]
-
-\item[References:]\mbox{}
+%\subsubsectionLimitations}
+\subsubsection{References}
\begin{itemize}
-
\item Check Point
- \href{https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/html_frameset.htm}{VPN
- R77 Administration Guide} (may require a
- UserCenter account to access)
-
+ \href{https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/html_frameset.htm}{VPN R77 Administration Guide} (may require a UserCenter account to access)
\end{itemize}
-% \item[How to test:]
-
-\end{description}
+% \subsubsection{How to test}
%% cipherstrings current 2013-12-09
% ----------------------------------------------------------------------
\subsection{OpenVPN}
-\begin{description}
-
-\item[Tested with Version:] \mbox{}\\
+\subsubsection{Tested with Version}
\begin{itemize}
-\item OpenVPN 2.3.2 from Debian ``wheezy-backports'' linked against openssl (libssl.so.1.0.0)
-\item OpenVPN 2.2.1 from Debian 7.0 linked against openssl
- (libssl.so.1.0.0)
-\item OpenVPN 2.3.2 for Windows
+ \item OpenVPN 2.3.2 from Debian ``wheezy-backports'' linked against openssl (libssl.so.1.0.0)
+ \item OpenVPN 2.2.1 from Debian 7.0 linked against openssl (libssl.so.1.0.0)
+ \item OpenVPN 2.3.2 for Windows
\end{itemize}
-\item[Settings:] \mbox{}
-
-\paragraph{General}\mbox{}
+\subsubsection{Settings}
+\paragraph{General}\mbox{}\\
We describe a configuration with certificate-based authentication; see
below for details on the \verb|easyrsa| tool to help you with that.
and \verb|auth| options both take a single argument that must match on
client and server.
-\paragraph{Server Configuration}\mbox{}
+\paragraph{Server Configuration}\mbox{}\\
% the cipherlist here is config B without the ECDHE strings, because
% it must fit in 256 bytes...
% DO NOT CHANGE TO THE CIPHERSTRING MACRO!
-\begin{lstlisting}[breaklines]
tls-cipher DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
cipher AES-256-CBC
auth SHA384
\end{lstlisting}
-\paragraph{Client Configuration}\mbox{}
-
+\paragraph{Client Configuration}\mbox{}\\
Client and server have to use compatible configurations, otherwise they can't communicate.
The \verb|cipher| and \verb|auth| directives have to be identical.
% the cipherlist here is config B without the ECDHE strings, because
% it must fit in 256 bytes...
% DO NOT CHANGE TO THE CIPHERSTRING MACRO!
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
tls-cipher DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
cipher AES-256-CBC
auth SHA384
tls-remote server.example.com
\end{lstlisting}
-\item[Justification for special settings (if needed):] \mbox{}\\
-
+\subsubsection{Justification for special settings}
OpenVPN 2.3.1 changed the values that the \verb|tls-cipher| option
expects from OpenSSL to IANA cipher names. That means from that
version on you will get ``Deprecated TLS cipher name'' warnings for
The configuration shown above is compatible with all tested versions.
-\item[References:] \mbox{}\\
-
-\url{http://openvpn.net/index.php/open-source/documentation/security-overview.html}
-%\item[How to test:]
+\subsubsection{References}
+\begin{itemize}
+ \item OpenVPN Documentation: \emph{Security Overview} \url{http://openvpn.net/index.php/open-source/documentation/security-overview.html}
+\end{itemize}
+%\subsubsection{How to test}
-\item[Additional settings:] \mbox{}
-\paragraph{Key renegotiation interval}\mbox{}
+\subsubsection{Additional settings}
+\paragraph{Key renegotiation interval}\mbox{}\\
The default for renegotiation of encryption keys is one hour
(\verb|reneg-sec 3600|). If you
transfer huge amounts of data over your tunnel, you might consider
configuring a shorter interval, or switch to a byte- or packet-based
interval (\verb|reneg-bytes| or \verb|reneg-pkts|).
-\paragraph{Fixing ``easy-rsa''}\mbox{}
-
+\paragraph{Fixing ``easy-rsa''}\mbox{}\\
When installing an OpenVPN server instance, you are probably using
{\it easy-rsa} to generate keys and certificates.
The file \verb|vars| in the easyrsa installation directory has a
number of settings that should be changed to secure values:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
export KEY_SIZE=4096
export KEY_EXPIRE=365
export CA_EXPIRE=1826
of \verb|sha1| with \verb|sha256|, to sign the certificates with
SHA256.
-\item[Limitations:] \mbox{}
+\subsubsection{Limitations}
Note that the ciphersuites shown by \verb|openvpn --show-tls| are {\it
known}, but not necessarily {\it
supported} \footnote{\url{https://community.openvpn.net/openvpn/ticket/304}}.
\verb|Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA256-SHA, 2048 bit RSA|
-\end{description}
-
% ----------------------------------------------------------------------
\subsection{PPTP}
\item[Tested with Version:]
9.1(3) - X-series model
\item[Settings:] \mbox{}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
crypto ipsec ikev2 ipsec-proposal AES-Fallback
protocol esp encryption aes-256 aes-192 aes
protocol esp integrity sha-512 sha-384 sha-256
-%%\subsection{Webservers}
-
%%----------------------------------------------------------------------
+Please note, that any cipher suite starting with ECDHE can be omitted, if in doubt.
+
\subsection{Apache}
-\subsubsection{Tested with Versions} \todo{FIXME: add}
-%\begin{itemize}
-%\end{itemize}
+\subsubsection{Tested with Versions}
+\begin{itemize}
+ \item Apache2/2.2.22-13 with OpenSSL 1.0.1e on Debian Wheezy (ciphers with Forward Secrecy are not chosen with Internet Explorer on Windows)
+\end{itemize}
-\subsubsection{Settings}
+\subsubsection{Settings}
Enabled modules \emph{SSL} and \emph{Headers} are required.
-
-%-All +TLSv1.1 +TLSv1.2
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
SSLCertificateFile server.crt
SSLCertificateKeyFile server.key
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCompression off
+ SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
+ SSLSessionCacheTimeout 300
# Add six earth month HSTS header for all users...
- Header add Strict-Transport-Security "max-age=15768000"
+ Header always set Strict-Transport-Security "max-age=15768000"
# If you want to protect all subdomains, use the following header
# ALL subdomains HAVE TO support https if you use this!
- # Strict-Transport-Security: max-age=15768000 ; includeSubDomains
-
- SSLCipherSuite '@@@CIPHERSTRINGB@@@'
+ # Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
+ SSLCipherSuite '%*\cipherstringB*)'
\end{lstlisting}
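Review bot: The added `SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)` is a server-config-only directive in Apache, so if this listing is meant to be dropped into a `<VirtualHost>` block — as the redirect snippet under Additional settings is — httpd refuses to start; the companion `SSLSessionCacheTimeout 300` is allowed in a vhost. The `${APACHE_RUN_DIR}` form looks copied from Debian's default mods-available/ssl.conf, where the line is already present, so readers on Debian likely do not need it at all. A comment above the two lines such as `# SSLSessionCache must be set in the global ssl config (Debian: mods-available/ssl.conf), not inside a <VirtualHost>` would make the intended placement explicit. The enclosing configuration context of this listing is not visible in the hunk.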
-Note that any cipher suite starting with ECDHE can be omitted, if in doubt.
-
-\vskip 1.0em
\subsubsection{Additional settings}
+You might want to redirect everything to \emph{https://} if possible. In Apache
+you can do this with the following setting inside of a VirtualHost environment:
-You might want to redirect everything to httpS:// if possible. In Apache you can do this with the following setting inside of a VirtualHost environment:
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
<VirtualHost *:80>
- #...
- RewriteEngine On
- RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]
- #...
+ RewriteEngine On
+ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]
</VirtualHost>
\end{lstlisting}
-%\subsubsection{Justification for special settings (if needed)}
-
\subsubsection{References}
-\url{https://httpd.apache.org/docs/2.4/ssl/}
-
+\begin{itemize}
+ \item Apache2 Docs on SSL and TLS: \url{https://httpd.apache.org/docs/2.4/ssl/}
+\end{itemize}
\subsubsection{How to test}
See section \ref{section:Tools}
-%%\end{description}
-
-
%%----------------------------------------------------------------------
\subsection{lighttpd}
-
-
-%%\begin{description}
-\subsubsection{Tested with Version}
+\subsubsection{Tested with Versions}
\begin{itemize}
-\item lighttpd/1.4.31-4 with OpenSSL 1.0.1e on Debian Wheezy
-\item lighttpd/1.4.33 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
-\item lighttpd/1.4.28-2 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
+ \item lighttpd/1.4.31-4 with OpenSSL 1.0.1e on Debian Wheezy
+ \item lighttpd/1.4.33 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
+ \item lighttpd/1.4.28-2 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
\end{itemize}
\subsubsection{Settings}
-
-
-%% Complete ssl.cipher-list with same algo than Apache
-\todo{FIXME: this string seems to be wrongly formatted??}
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
- #ssl.use-compression obsolete >= 1.4.3.1
ssl.pemfile = "/etc/lighttpd/server.pem"
- ssl.cipher-list = '@@@CIPHERSTRINGB@@@'
+ ssl.cipher-list = "%*\cipherstringB*)"
ssl.honor-cipher-order = "enable"
- setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=31536000")
+ setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=15768000") # six months
+ # use this only if all subdomains support HTTPS!
+ # setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=15768000; includeSubDomains")
}
\end{lstlisting}
\subsubsection{Additional settings}
-
As for any other webserver, you might want to automatically redirect http
-traffic toward httpS:// It is also recommended to set the environment variable
-\emph{HTTPS}, so the applications run by the webserver can easily detect, that
-HTTPS is in use.
+traffic towards \emph{https://}. It is also recommended to set the environment
+variable \emph{HTTPS}, PHP applications can then detect that HTTPS is in use.
-
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
$HTTP["scheme"] == "http" {
# capture vhost name with regex conditiona -> %0 in redirect pattern
# must be the most inner block to the redirect rule
url.redirect = (".*" => "https://%0$0")
}
}
- # Set the environment variable properly
- setenv.add-environment = (
- "HTTPS" => "on"
- )
+ server.modules += ( "mod_setenv" ) # if not already activated before
+ $HTTP["scheme"] == "https" {
+ # Set the environment variable properly
+ setenv.add-environment = (
+ "HTTPS" => "on"
+ )
}
\end{lstlisting}
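Review bot: The new `server.modules += ( "mod_setenv" )` line appears to sit inside a conditional block (it is indented like the new `$HTTP["scheme"] == "https"` block and is followed by the pre-existing closing `}`), and lighttpd only accepts `server.modules` at global scope, rejecting it inside `$HTTP[...]`/`$SERVER[...]` conditionals. If the nesting is as the indentation suggests, the snippet fails to load as written; move `server.modules += ( "mod_setenv" )` to the top of the configuration file and keep only the `$HTTP["scheme"] == "https"` block here. The opening line of the enclosing block is not visible in the listing or the hunk.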
-
\subsubsection{Additional information}
The config option \emph{honor-cipher-order} is available since 1.4.30, the
-supported ciphers depend on the used OpenSSL-version (at runtime). ECDH has to
+supported ciphers depend on the used OpenSSL-version (at runtime). ECDHE has to
be available in OpenSSL at compile-time, which should be default. SSL
compression should by deactivated by default at compile-time (if not, it's
active).
Support for other SSL-libraries like GnuTLS will be available in the upcoming
2.x branch, which is currently under development.
-
\subsubsection{References}
-
\begin{itemize}
- \item HTTPS redirection: \url{http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps}
- \item Lighttpd Docs SSL: \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs\_SSL}
- \item Release 1.4.30 (How to mitigate BEAST attack) \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1\_4\_30}
- \item SSL Compression disabled by default: \url{http://redmine.lighttpd.net/issues/2445}
+ \item HTTPS redirection: \url{http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps}
+ \item Lighttpd Docs SSL: \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs\_SSL}
+ \item Release 1.4.30 (How to mitigate BEAST attack) \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1\_4\_30}
+ \item SSL Compression disabled by default: \url{http://redmine.lighttpd.net/issues/2445}
\end{itemize}
-
-
-
\subsubsection{How to test}
See section \ref{section:Tools}
-% describe here or point the admin to tools (can be a simple footnote or \ref{} to the tools section) which help the admin to test his settings.
-%\end{description}
-
-
%%----------------------------------------------------------------------
\subsection{nginx}
-%\begin{description}
+
\subsubsection{Tested with Version}
\begin{itemize}
-\item 1.4.4 with OpenSSL 1.0.1e on OS X Server 10.8.5
-\item 1.2.1-2.2+wheezy2 with OpenSSL 1.0.1e on Debian Wheezy
-\item 1.4.4 with OpenSSL 1.0.1e on Debian Wheezy
-\item 1.2.1-2.2~bpo60+2 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
+ \item 1.4.4 with OpenSSL 1.0.1e on OS X Server 10.8.5
+ \item 1.2.1-2.2+wheezy2 with OpenSSL 1.0.1e on Debian Wheezy
+ \item 1.4.4 with OpenSSL 1.0.1e on Debian Wheezy
+ \item 1.2.1-2.2~bpo60+2 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
\end{itemize}
\subsubsection{Settings}
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive
- ssl_ciphers '@@@CIPHERSTRINGB@@@';
- add_header Strict-Transport-Security max-age=2592000;
+ ssl_ciphers '%*\cipherstringB*)';
+ add_header Strict-Transport-Security "max-age=15768000; includeSubDomains"
\end{lstlisting}
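Review bot: The new `add_header Strict-Transport-Security "max-age=15768000; includeSubDomains"` line has no terminating semicolon, so nginx rejects the configuration with a syntax error on reload. It also turns on includeSubDomains unconditionally, whereas the Apache and lighttpd listings in this same commit keep that variant commented out with a warning that every subdomain must already serve HTTPS; an operator copying this block verbatim locks browsers onto HTTPS for all subdomains for six months. Suggested replacement: `add_header Strict-Transport-Security "max-age=15768000";` followed by `# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains"; # only if ALL subdomains support HTTPS`.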
If you absolutely want to specify your own DH parameters, you can specify them via
-
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
ssl_dhparam file;
\end{lstlisting}
-However, we advise you to read section \ref{section:DH} and stay with the standard IKE/IETF parameters (as long as they are $ > 1024 $ bits).
+However, we advise you to read section \ref{section:DH} and stay with the standard IKE/IETF parameters (as long as they are \textgreater 1024 bits).
-\vskip 0.5em
\subsubsection{Additional settings}
-
If you decide to trust NIST's ECC curve recommendation, you can add the following line to nginx's configuration file to select special curves:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
ssl_ecdh_curve secp384r1;
\end{lstlisting}
-You might want to redirect everything to httpS:// if possible. In Nginx you can do this with the following setting:
+You might want to redirect everything to \emph{https://} if possible. In Nginx you can do this with the following setting:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
rewrite ^(.*) https://$host$1 permanent;
\end{lstlisting}
\subsubsection{References}
\begin{itemize}
-\item \url{http://nginx.org/en/docs/http/ngx_http_ssl_module.html}
-\item \url{http://wiki.nginx.org/HttpSslModule}
+ \item \url{http://nginx.org/en/docs/http/ngx_http_ssl_module.html}
+ \item \url{http://wiki.nginx.org/HttpSslModule}
\end{itemize}
\subsubsection{How to test}
See section \ref{section:Tools}
-
-
-
-
%%----------------------------------------------------------------------
\subsection{MS IIS}
\label{sec:ms-iis}
-
\todo{Daniel: add screenshots and registry keys}
-%\begin{description}
-
\subsubsection{Tested with Version} \todo{Daniel: add tested version}
-\subsubsection{Settings}
+\subsubsection{Settings}
When trying to avoid RC4 and CBC (BEAST-Attack) and requiring perfect
forward secrecy, Microsoft Internet Information Server (IIS) supports
The configuration of cipher suites MS IIS will use, can be configured in one
of the following ways:
\begin{enumerate}
-\item Group Policy \footnote{\url{http://msdn.microsoft.com/en-us/library/windows/desktop/bb870930(v=vs.85).aspx}}
-\item Registry
-\item IIS Crypto~\footnote{\url{https://www.nartac.com/Products/IISCrypto/}}
+ \item Group Policy \footnote{\url{http://msdn.microsoft.com/en-us/library/windows/desktop/bb870930(v=vs.85).aspx}}
+ \item Registry
+ \item IIS Crypto~\footnote{\url{https://www.nartac.com/Products/IISCrypto/}}
\end{enumerate}
-
Table~\ref{tab:MS_IIS_Client_Support} shows the process of turning on
one algorithm after another and the effect on the supported clients
tested using https://www.ssllabs.com.
\verb|TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256| & Chrome 30, Opera 17, Safari 6+ \\
\verb|TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA| & FF 10-24, IE 8+, Safari 5, Java 7\\
\bottomrule
- \end{tabular}
+ \end{tabular}
\caption{Client support}
\label{tab:MS_IIS_Client_Support}
\end{table}
trusted environment). This suite will not be used for SSL, since we do
not use a RSA Key.
-
% \verb|TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256| ... only supported by: IE 10,11, OpenSSL 1.0.1e
% \verb|TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256| ... Chrome 30, Opera 17, Safari 6+
% \verb|TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA| ... Firefox 10-24, IE 8+, Safari 5, Java 7
-
Clients not supported:
\begin{enumerate}
-\item Java 6
-\item WinXP
-\item Bing
+ \item Java 6
+ \item WinXP
+ \item Bing
\end{enumerate}
-\subsubsection{Additional settings}
+\subsubsection{Additional settings}
%Here you can add additional settings
-\subsubsection{Justification for special settings (if needed)}
+\subsubsection{Justification for special settings (if needed)}
% in case you have the need for further justifications why you chose this and that setting or if the settings do not fit into the standard Variant A or Variant B schema, please document this here
-\subsubsection{References}
+\subsubsection{References}
\todo{add references}
% add any further references or best practice documents here
\subsubsection{How to test}
See section \ref{section:Tools}
-
%\end{description}
\begin{minipage}[b]{0.5\linewidth}
\center
Brown, Scott \\
-G\"uhring Philipp \\
+Gühring Philipp \\
Grigg, Ian \\
Horenbeck, Maarten \\
Kovacic, Daniel \\
Mendel, Florian \\
Millauer, Tobias \\
Pichler, Patrick \\
-P\"oschl, Ulrich \\
+Pöschl, Ulrich \\
San, Berg \\
Schreck, Thomas \\
-Wagner, Sebastian (``sebix'') \\
+Wagner, Sebastian («sebix») \\
\end{minipage}
@techreport{TR02102,
title = {BSI TR-02102 Kryptographische Verfahren},
- author = {Bundesamt f\"ur Sicherheit in der Informationstechnik (BSI)},
+ author = {Bundesamt für Sicherheit in der Informationstechnik (BSI)},
year = {2013},
month = {Jan},
url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102_pdf}
\item[Settings:] \mbox{}
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
%Here goes your setting string
\end{lstlisting}
%Here you can add additional settings
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
%copy \& paste additional settings
\end{lstlisting}
to you. In this case, you can generate a private key and a corresponding
certificate request as follows:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
% openssl req -new -nodes -keyout <servername>.key -out <servername>.csr -newkey rsa:<keysize>
Country Name (2 letter code) [AU]:DE
State or Province Name (full name) [Some-State]:Bavaria
\subsection{Recommended cipher suites}
\label{section:recommendedciphers}
-\input{"./theory/cipher_suites/recommended_generated.tex"}
+\input{"./theory/cipher_suites/recommended.tex"}
%\subsection{Known insecure and weak cipher suites}
This results in the OpenSSL string:
-\begin{lstlisting}[breaklines]
+\begin{lstlisting}
'EDH+aRSA+AES256:EECDH+aRSA+AES256:!SSLv3'
\end{lstlisting}
This results in the OpenSSL string:
%'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'
-\begin{lstlisting}[breaklines]
-@@@CIPHERSTRINGB@@@
+\begin{lstlisting}
+%*\cipherstringB*)
\end{lstlisting}
\todo{make a column for cipher chaining mode}