Disable TLS v1.0 & 1.1

Questions and answers about how to do stuff
Post Reply
elfranko
Posts: 19
Joined: 03 Sep 2018 08:03

Disable TLS v1.0 & 1.1

Post by elfranko »

Hi,
We have been using these for a little while, and during a routine penetration test we were advised about still having Triple DES and also having TLS v1 & 1.1 enabled.
So I took to google to find out, and not a lot was evident. However I have managed to disable Triple Des and also set my EFA to only accept TLS v1.2.

If this is something you need to do, or want to do here is how:


In
/etc/postfix/main.cf
Change:

Code: Select all

smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
To

Code: Select all

smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1

To remove TripleDes:
Change this line:

Code: Select all

tls_medium_cipherlist = ECDSA+AESGCM:ECDH+AESGCM:DH+AESGCM:ECDSA+AES:ECDH+AES:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
To this:

Code: Select all

tls_medium_cipherlist = ECDSA+AESGCM:ECDH+AESGCM:DH+AESGCM:ECDSA+AES:ECDH+AES:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
Removing
:ECDH+3DES:DH+3DES & RSA+3DES:

A restart of Postfix does the trick.
I used
testssh on a kali box to test:
Image
Image


Hope this helps someone

ElFranko
Attachments
enabled.JPG
enabled.JPG (52.83 KiB) Viewed 14107 times
disabled.JPG
disabled.JPG (49.45 KiB) Viewed 14107 times
henk
Posts: 517
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: Disable TLS v1.0 & 1.1

Post by henk »

Good tip!.

A bit off topic, but nice to know:
if you have webmail enabled on your mailserver, you can simply remove all protocols and add just the wanted protocols for apache:
-ALL, +TLSv1.2

Code: Select all

/etc/httpd/conf.d/ssl.conf

Code: Select all

#   SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
#SSLProtocol all -SSLv2 -SSLv3
#SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLProtocol -ALL +TLSv1.2  

Code: Select all

service httpd restart
Tip, if you have an old mobile phone, you need to add '+TLSv1', to be able to use Zpush or just buy a new phone that supports TLSv1.2 :lol:

To test your mailserver's SSL can use: https://www.ssllabs.com/ssltest/
A decent firewall will/should block (most) SSL vulnerabilties.
To be able to check SSL use testssl script to check all servers https://github.com/drwetter/testssl.sh

Create some dir (/root/software)
cd /root/software

Code: Select all

git clone --depth 1 https://github.com/drwetter/testssl.sh.git

Code: Select all

./testssl.sh --vulnerable  <<hostname>> 
result

Code: Select all

 rDNS (redacted):     EFA3 .
 Service detected:       HTTP

 Testing vulnerabilities

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), timed out
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK), session IDs were returned but potential memory fragments do not differ
 ROBOT                                     not vulnerable (OK)
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible, no protocol below TLS 1.2 offered (OK)
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
 BEAST (CVE-2011-3389)                     no SSL3 or TLS1 (OK)
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)
Client check to be sure 8-)

Code: Select all

./testssl.sh --client-simulation <<hostname>>

Code: Select all

Running client simulations (HTTP) via sockets

 Android 4.2.2                No connection
 Android 4.4.2                TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Android 5.0.0                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 6.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 7.0                  TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Chrome 65 Win 7              TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Chrome 70 Win 10             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Firefox 59 Win 7             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Firefox 62 Win 7             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 IE 6 XP                      No connection
 IE 7 Vista                   No connection
 IE 8 Win 7                   No connection
 IE 8 XP                      No connection
 IE 11 Win 7                  TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 IE 11 Win 8.1                TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 IE 11 Win Phone 8.1          TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 IE 11 Win 10                 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Edge 13 Win 10               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Edge 15 Win 10               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Opera 17 Win 7               TLSv1.2 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Safari 9 iOS 9               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Tor 17.0.9 Win 7             No connection
 Java 6u45                    No connection
 Java 7u25                    No connection
 Java 8u161                   TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Java 9.0.4                   TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
“We are stuck with technology when what we really want is just stuff that works.” -Douglas Adams
jamerson
Posts: 164
Joined: 19 Aug 2017 18:57
Location: kaaskop

Re: Disable TLS v1.0 & 1.1

Post by jamerson »

i have followed elfranco steps to disable tls 1/1.1 unfortunately its not disabled
see attached screenshot
i am on EFA 4 maybe this different?
Attachments
TLS2.jpg
TLS2.jpg (38.95 KiB) Viewed 13841 times
TLS1.png
TLS1.png (89.63 KiB) Viewed 13842 times
Version eFa 4.0.0 RC1 now available in testing repo. Come join us in advancing eFa!
elfranko
Posts: 19
Joined: 03 Sep 2018 08:03

Re: Disable TLS v1.0 & 1.1

Post by elfranko »

Just checking, is that for disabling SSL etc on the website, what were you using to test. The information I posted was just for disabling the protocols on port 25 (Postfix)
I used a linux script called testssl to check https://testssl.sh/ and https://www.ssllabs.com/ssltest/ for testing websites
Henk's post does them for https and includes how to install testssl

Cheers
Frank
Post Reply