My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

POODLE: Turning off SSLv3 for various servers and client.

Published: 2014-10-15. Last Updated: 2014-10-15 17:29:16 UTC
by Johannes Ullrich (Version: 1)
3 comment(s)

Before you start: While adjusting your SSL configuration, you should also check for various other SSL related configuration options. A good outline can be found at http://bettercrypto.org as well as at http://ssllabs.com (for web servers in particular)

Here are some configuration directives to turn off SSLv3 support on servers:

Apache: Add -SSLv3 to the "SSLProtocol" line. It should already contain -SSLv2 unless you list specific protocols. 

nginx: list specific allowed protocols in the "ssl_protocols" line. Make sure SSLv2 and SSLv3 is not listed. For example: ssl_protocols TLSv2 TLSv1.1 TLSv1.2;

Postfix: Disable SSLv3 support in the smtpd_tls_manadatory_protocols configuration line. For example: smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3

Dovecot: similar, disable SSLv2 and SSLv3 in the ssl_protocols line. For example: ssl_protocols = !SSLv2 !SSLv3

HAProxy Server: the bind configuration line should include no-sslv3 (this line also lists allowed ciphers)

puppet: see https://github.com/stephenrjohnson/puppetmodule/commit/1adb73f9a400cb5e91c4ece1c6166fd63004f448 for instructions

For clients, turning off SSLv3 can be a bit more tricky, or just impossible.

Google Chrome: you need to start Google Chrome with the "--ssl-version-min=tls1" option. 

Internet Explorer: You can turn off SSLv3 support in the advanced internet option dialog.

Firefox: check the "security.tls.version.min" setting in about:config and set it to 1. Oddly enough, in our testing, the default setting of 0 will allow SSLv3 connections, but refuses to connect to our SSLv3 only server.

For Microsoft Windows, you can use group policies. For details see Microsoft's advisory: https://technet.microsoft.com/en-us/library/security/3009008.aspx

To test, continue to use our "POODLE Test" page at https://poodletest.com or the Qualys SSLLabs page at https://ssllabs.com

To detect the use of SSLv3, you can try the following filters:

tshark/wireshark display filters: ssl.handshake.version==0x0300

​tcpdump filter: (1) accounting for variable TCP header length: 'tcp[((tcp[12]>>4)*4)+9:2]=0x0300'
                       (2) assuming TCP header length is 20: 'tcp[29:2]=0x0300'

We will also have a special webcast at 3pm ET. For details see

https://www.sans.org/webcasts/about-poodle-99032 

the webcast will probably last 20-30 minutes and summarize the highlights of what we know so far.

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords:
3 comment(s)
My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Comments

Thank you for the list on how to turn off SSLv3 for server and client products as well.

Just one small notice, for dovecot it is
ssl_protocols = !SSLv2 !SSLv3 instead of
ssl_protocols: !SSLv2 !SSLv3

And while tweaking the ssl_protocols settings you might also want to set your ssl ciphers.
Out of the Applied Crypto Hardening paper (bettercrypto.org)

# SSL ciphers to use
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH\
\+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!\
\eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-\
\SHA:CAMELLIA128-SHA:AES128-SHA
# Prefer the server's order of ciphers over client's.
ssl_prefer_server_ciphers = yes
For home users, instead of changing MSIE Internet Options, my advice is to make a registry change to block SSLv3, for 3 reasons:

1) At the bottom of the "Internet Options" dialog box (visible in, for example, https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/#internetexplorer) there are 2 buttons: [Restore advanced settings] and [Reset...].
From my own experience I know that I tend to press such buttons if something doesn't work as expected, and subsequently I'll often forget to correct the values I prefer.

2) If the PC has multiple users (spouse, kids) you'll have to make the change for every account, risking that one or more of thoseper-account settings will be reset by the user.

3) Internet Explorer options may apply to some other applications (that you use), but definitely do not affect system services such as Windows Update. Although I'm not 100% sure that the following registry settings have effect on Windows Update, third party software that uses SChannel will likely be protected by having SSLv3 support disabled.

------------------------------------------------------------
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"Enabled"=dword:00000000

------------------------------------------------------------

Log on using an administrator account.
Copy the text BETWEEN the lines (not including the lines) to the clipboard.
Start Notepad and paste the text.

IMPORTANT #1: there are 2 lines that start with an opening square bracket and end with a closing square bracket. These lines should NOT wrap! In each of those lines there should be 1 space character, between "SSL" and "2.0".

Save as DisableSSLv3.reg, for example to your desktop.

IMPORTANT #2: don't just copy registry files from the internet and run them without verifying their contents! Check https://support.microsoft.com/kb/245030 (you may have trouble determining whether the registry information listed above works as intended and is not malicious, but I feel obliged to warn you to be careful).

Now double-click the saved file (on your desktop). Note that the extension ".reg" may not be visible.
A dialog will pop up asking you if you're sure: choose yes.
If the import was successful, you'll be notified about this.

IMPORTANT #3: before testing whether the registry change blocks SSLv3, you MUST first close all open Internet Explorer windows!
For puppet server 2.7.21, it seems sufficient to edit /etc/puppetlabs/httpd/conf.d/ssl.conf (part of pe-mod_ssl) to disable SSLv3 in the SSLProtocol line (followed by service pe-httpd restart). This was on CentOS 6.5. I wasn't sure how to patch passenger.pp.

Diary Archives