efa-project.org

All,

One of the EFA servers I look after is for a company that has to have a PCI Compliance scan. I've had the results back and it's failing on the following against the EFA server:

The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. However, SecurityMetrics has not checked for such a mitigation. See also : https://sweet32.info https://www.openssl.org/blog/blog/2016/08/24/sweet32/ Resolution: Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. Data Received: List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA

Resolution: Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. Data Received: List of 64-bit block cipher suites supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSA-DES-CBC3-SHA
CVSS 5.00 FAIL
Port 25
Protocol TCP
Service smtp
Title SSL 64-bit Block Size Cipher Suites Supported (SWEET32)
Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 High Strength Ciphers (>= 112-bit key) TLSv1 IDEA-CBC-SHA Kx=RSA Au=RSA Enc=IDEA-CBC(128) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au= {authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}


SSL Medium Strength Cipher Suites Supported
Data Received: Here is the list of medium strength SSL ciphers supported by the remote server : Medium Strength Ciphers (> 64-bit and < 112-bit key) TLSv1 EDH-RSADES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSADES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 The fields above are : {OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc= {symmetric encryption method} Mac={message authentication code} {export flag}


Any ideas on how to fix these issues?!

Regards

Take a look at /etc/postfix/main.cf
Change this to medium or high and reload postfix

Looks like we need to bring this up a bit by default.

Thanks Shawn, I'll add that and see if it helps.

I'm also after disabling TLS v1.0 and RC4. I did disable TLS v1.0 and some mails stopped coming through as it failed on a TLS handshake.

RC4 I have added as:
to my main.cf.

That's the rub with increasing your encryption with SMTP.

Many servers out there are not as far along with their email security, so if the remote server does not support higher levels of encryption, the connection will most certainly fail.

It is arguable whether increasing the encryption strength of SMTP is worth the loss of delivery, since many systems continue to send and receive email with no encryption at all or fall back to not using it if TLS negotiation fails.

It has been a slow process just to drop SSL in the email community.

I noticed one of the domains we force TLS to and from had changed their TLS settings to high, and mail was not being delivered, it was OK on low.

On analyzing the MTA logs, it was found we was getting an error similar to below.

postfix/smtp[<pid>]: warning: TLS library problem:
error:1407741A: SSL routines:
SSL23_GET_SERVER_HELLO:tlsv1 alert decode error:
s23_clnt.c:762:

I know their device was a Cisco Iron port smtp appliance.

I did found the articles below at the time.

https://rt.openssl.org/Ticket/Display.h ... pass=guest

http://postfix.1071664.n5.nabble.com/Op ... 66873.html

May help.

thewomble - thanks for the links, I'll take a read when I get a moment.

I've also noticed that the mail server I am delivering messages too is rejecting them (it's an Exchange 2010 server) if I disable TLS 1.0. After some reading, it seems you can install support for later versions of TLS on Exchange 2010 (SP3 RU9) which I am going to try.

Here is some thought. I don't have the PCI requirement, but certainly have an interest in being secure.

Edit the Postfix configuration file:
vi /etc/postfix/main.cf
Change this line:tls_medium_cipherlist = ECDSA+AESGCM:ECDH+AESGCM:DH+AESGCM:ECDSA+AES:ECDH+AES:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
To:
tls_medium_cipherlist = ECDSA+AESGCM:ECDH+AESGCM:DH+AESGCM:ECDSA+AES:ECDH+AES:DH+AES:RSA+AESGCM:RSA+AES:!3DES:!aNULL:!MD5:!DSS

Explicity add these lines:
smtpd_tls_exclude_ciphers = 3DES, DES, RC4, MD5, aDSS, kDHE
smtp_tls_exclude_ciphers = 3DES, DES, RC4, MD5, aDSS, kDHE

Save the file. Restart postfix systemctl restart postfix.

By default, the /etc/httpd/conf.d/ssl.conf should already have this setting. If not, change it
SSLCipherSuite ECDSA+AESGCM:ECDH+AESGCM:ECDSA+AES:ECDH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS:!3DES:!EXP

This setting already turns off the 3DES ciphers

Again, make backups and restart.