Overview
With the exposure of OpenSSL Heartbleed, penetration testing on the servers is more common. To some scanning software, Intermapper appears be vulnerable to certain OpenSSL attacks. This document describes the upgrade of OpenSSL support in Intermapper 5.8.2 or later to address vulnerabilities in SSL-based services.
Note: If you make changes to the ssl.conf file, be sure to restart the Intermapper and Intermapper DataCenter services.
OpenSSL (v1.0.1j)
Intermapper 5.8.2 uses OpenSSL (v1.0.1j). Because the OpenSSL library is statically linked, introducing newer OpenSSL shared libraries through operating system upgrades does not remediate vulnerabilities. A new version of Intermapper is required.
Intermapper Services
Intermapper contains three SSL-based servers:
- IM web server (port 443)
- IM Kali server (port 8181)
- IM DataCenter server (port 8182)
Versions prior to 5.8.2 supported only SSLv3 and TLSv1.0. Through upgrade to OpenSSL v1.0.1, version 5.8.2 adds support for TLSv1.1 and TLSv1.2. Intermapper supports SSLv3 and TLSv1.0 protocols by default. Intermapper's clients request TLSv1.2.
Configuring Intermapper's SSL Services
All of Intermapper's SSL-based servers use a single configuration file to control the SSL features supported by your particular Intermapper installation.
Here's what you can control:
- SSL protocols offered — You can disable protocols deemed vulnerable. For example, a common fix for the POODLE vulnerability is to disable SSLv3.
- SSL ciphers offered — Vulnerable ciphers can be blocked to mitigate future issues. For example, an alternative fix for the POODLE vulnerability, without disabling SSLv3, is to disable CBC-based ciphers and promote RC4-based ones.
- Behavior options — For example, you can disable client-initiated session renegotiation completely.
TLSv1.0 Is Still Required for 6.2.2 and earlier
These enhancements provide access to newer protocols (TLSv1.1 and TLSv1.2) and a number of new encryption schemes. If TLSv1.1 or TLSv1.2 is enabled, Intermapper's web interfaces (with an appropriate browser) and python clients for Intermapper DataCenter can take advantage of them. Intermapper's Mac and Windows installers include Java 7, which does not enable TLSv1.1 and TLSv1.2. For this reason, TLSv1.0 was still required for Intermapper's Java clients.
Intermapper started shipping Java 8 with version 6.0 The requirement to include TLS 1.0 has been removed for Intermapper 6.2.3 and newer.
SSL Configuration File (ssl.conf)
An example configuration file named "ssl.conf.example", is installed in the Intermapper_Settings directory.
If available (and readable), all Intermapper servers load "ssl.conf" during startup.
To activate SSL control using the configuration file:
-
Copy "ssl.conf.example" to "ssl.conf".
-
Make changes as described below to select the options you want.
-
Restart the Intermapper and Intermapper DataCenter servers.
The file contains three elements:
- Protocols — select SSL protocol versions to be offered by the server.
- Ciphers — select encryption cipher suites to be offered by the server.
- Options — control other security options for the servers.
Each requires a value in double-quotes:
Protocols "[configuration string]"
Ciphers "[configuration string]"
Options "[configuration string]"
Contents of ssl.conf.example:
#
#
# ssl.conf for Intermapper Server and Intermapper DataCenter
#
# The file 'ssl.conf' will be loaded on server startup if it is located in the
# root of the Intermapper_Settings folder.
# It must be readable by the intermapper user.
#
#
# Protocols - select SSL/TLS protocol versions to support.
#
# Valid protocols are:
# SSLv3 SSL version 3
# TLSv1.0 TLS version 1.0
# TLSv1.1 TLS version 1.1
# TLSv1.2 TLS version 1.2
# TLSv1 all TLS v1.x
# ALL all protocols
#
# This is the default:
# Protocols "ALL"
# To disable SSLv3:
# Protocols "ALL:-SSLv3"
#
# Ciphers - select ciphers to allow.
#
# See CIPHER STRINGS in https://www.openssl.org/docs/apps/ciphers.html
#
# This is the default for Intermapper server:
# Ciphers "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
#
# Options - enable or disable SSL server behaviour
#
# Valid options are:
# [+|-]ClientInitiatedRenegotiation
# - allow client-initiated session renegotiation
# [+|-]CipherServerPreference
# - use server preferences for choice of cipher
# This is the default:
# Options "+ClientInitiatedRenegotiation:-CipherServerPreference"
Comment lines, beginning with "#", and empty lines are ignored.
Under normal installation conditions, the Intermapper Settings directory will be located at:
Mac /Library/Application Support/Intermapper Settings
Linux, Unix /var/local/Intermapper_Settings
Windows c:\ProgramData\Intermapper\Intermapper Settings
Protocols
This takes the form of a colon-delimited list of protocols that will be supported by the server, from the following:
- ALL - all protocols below
- SSLv3 - SSL version 3
- TLSv1 - all TLS v1.x protocols
- TLSv1.0 - TLS version 1.0
- TLSv1.1 - TLS version 1.1
- TLSv1.2 - TLS version 1.2
A prefix of + or - may be applied to enable or disable a protocol; + is assumed if neither is supplied. For example:
Protocols "ALL:-SSLv3"
This enables support for TLSv1.0, TLSv1.1, TLSv1.2, equivalent to "TLSv1". Another example:
Protocols "ALL:-SSLv3:-TLSv1.0:-TLSv1.1"
This disables support for SSLv3, TLSv1.0, and TLSv1.1, and supports a requirement for TLS 1.2.
The servers will negotiate the highest possible protocol version in common with client support. At least one protocol must be supported, or the servers will resort to default configuration (ALL).
Note that Java-based Intermapper clients such as the Intermapper Console and Intermapper RemoteAccess currently require TLSv1.0 support. Without it, they will fail to connect to the Intermapper server.
Ciphers
This is a colon-delimited list of OpenSSL cipher strings, as described in the sections CIPHER LIST FORMAT and CIPHER STRINGS in the document:
https://www.openssl.org/docs/apps/ciphers.html
The Intermapper server default is:
Ciphers "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
The --ciphers argument to the Intermapper server program can be used to list cipher suites. It is functionally equivalent to the 'openssl cipher -v ' command described in the above document. A cipherlist of ALL will show all supported ciphers, DEFAULT will show the Intermapper default (without further configuration), and anything else will be interpreted as a cipherlist to be decoded.
Here's the full list of cipher suites available at the server:
# /usr/local/bin/intermapperd --ciphers ALL
SSL library: OpenSSL 1.0.1j 15 Oct 2014 (SSLv3,TLSv1.0,TLSv1.1,TLSv1.2)
Showing all available ciphers:
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1
ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1
SRP-DSS-AES-256-CBC-SHA SSLv3 Kx=SRP Au=DSS Enc=AES(256) Mac=SHA1
SRP-RSA-AES-256-CBC-SHA SSLv3 Kx=SRP Au=RSA Enc=AES(256) Mac=SHA1
SRP-AES-256-CBC-SHA SSLv3 Kx=SRP Au=SRP Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
DHE-DSS-AES256-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(256) Mac=SHA256
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1
DHE-DSS-CAMELLIA256-SHA SSLv3 Kx=DH Au=DSS Enc=Camellia(256) Mac=SHA1
ECDH-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(256) Mac=AEAD
ECDH-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(256) Mac=SHA384
ECDH-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256) Mac=SHA384
ECDH-RSA-AES256-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=AES(256) Mac=SHA1
ECDH-ECDSA-AES256-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(256) Mac=SHA1
AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
CAMELLIA256-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA1
PSK-AES256-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=AES(256) Mac=SHA1
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
ECDHE-ECDSA-AES128-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1
SRP-DSS-AES-128-CBC-SHA SSLv3 Kx=SRP Au=DSS Enc=AES(128) Mac=SHA1
SRP-RSA-AES-128-CBC-SHA SSLv3 Kx=SRP Au=RSA Enc=AES(128) Mac=SHA1
SRP-AES-128-CBC-SHA SSLv3 Kx=SRP Au=SRP Enc=AES(128) Mac=SHA1
DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
DHE-DSS-AES128-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AES(128) Mac=SHA256
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1
DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) Mac=SHA1
DHE-DSS-SEED-SHA SSLv3 Kx=DH Au=DSS Enc=SEED(128) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1
DHE-DSS-CAMELLIA128-SHA SSLv3 Kx=DH Au=DSS Enc=Camellia(128) Mac=SHA1
ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
ECDH-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AES(128) Mac=SHA256
ECDH-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128) Mac=SHA256
ECDH-RSA-AES128-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=AES(128) Mac=SHA1
ECDH-ECDSA-AES128-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=AES(128) Mac=SHA1
AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
SEED-SHA SSLv3 Kx=RSA Au=RSA Enc=SEED(128) Mac=SHA1
CAMELLIA128-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(128) Mac=SHA1
PSK-AES128-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=AES(128) Mac=SHA1
ECDHE-RSA-RC4-SHA SSLv3 Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
ECDHE-ECDSA-RC4-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=RC4(128) Mac=SHA1
ECDH-RSA-RC4-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=RC4(128) Mac=SHA1
ECDH-ECDSA-RC4-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=RC4(128) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
PSK-RC4-SHA SSLv3 Kx=PSK Au=PSK Enc=RC4(128) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA SSLv3 Kx=ECDH Au=RSA Enc=3DES(168) Mac=SHA1
ECDHE-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=3DES(168) Mac=SHA1
SRP-DSS-3DES-EDE-CBC-SHA SSLv3 Kx=SRP Au=DSS Enc=3DES(168) Mac=SHA1
SRP-RSA-3DES-EDE-CBC-SHA SSLv3 Kx=SRP Au=RSA Enc=3DES(168) Mac=SHA1
SRP-3DES-EDE-CBC-SHA SSLv3 Kx=SRP Au=SRP Enc=3DES(168) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
ECDH-RSA-DES-CBC3-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=3DES(168) Mac=SHA1
ECDH-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
PSK-3DES-EDE-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=3DES(168) Mac=SHA1
EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH Au=DSS Enc=DES(56) Mac=SHA1
DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
This output comes direct from the OpenSSL library. The columns are: cipher suite, the minimum protocol version for that cipher suite, key exchange (Kx) algorithm, authentication (Au) algorithm and key size, hashing algorithm (Mac), and the final column indicates whether or not the scheme is an export version.
You can look at a potential Ciphers configuration by specifying it as a parameter to the --ciphers command-line option. On Mac, Linux and Unix, be sure to use single quotes to enclose the string, as shells will expand exclamation marks:
# /usr/local/bin/intermapperd --ciphers 'RC4:@STRENGTH'
SSL library: OpenSSL 1.0.1j 15 Oct 2014 (SSLv3,TLSv1.0,TLSv1.1,TLSv1.2)
Showing custom cipher list:
ECDHE-RSA-RC4-SHA SSLv3 Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
ECDHE-ECDSA-RC4-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=RC4(128) Mac=SHA1
AECDH-RC4-SHA SSLv3 Kx=ECDH Au=None Enc=RC4(128) Mac=SHA1
ADH-RC4-MD5 SSLv3 Kx=DH Au=None Enc=RC4(128) Mac=MD5
ECDH-RSA-RC4-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=RC4(128) Mac=SHA1
ECDH-ECDSA-RC4-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=RC4(128) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
PSK-RC4-SHA SSLv3 Kx=PSK Au=PSK Enc=RC4(128) Mac=SHA1
EXP-ADH-RC4-MD5 SSLv3 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
EXP-RC4-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
On Windows, use double-quotes to enclose the string:
C:\>"\Program Files\Intermapper\Intermapper.exe" --ciphers "ALL:!ADH:!AES:!MD5:!DES:!RC4:!CAMELLIA:!CBC3:!PSK:!SRP"
SSL library: OpenSSL 1.0.1j 15 Oct 2014 (SSLv3,TLSv1.0,TLSv1.1,TLSv1.2)
Showing custom cipher list:
DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) Mac=SHA1
DHE-DSS-SEED-SHA SSLv3 Kx=DH Au=DSS Enc=SEED(128) Mac=SHA1
SEED-SHA SSLv3 Kx=RSA Au=RSA Enc=SEED(128) Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA SSLv3 Kx=ECDH Au=RSA Enc=3DES(168) Mac=SHA1
ECDHE-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=3DES(168) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
AECDH-DES-CBC3-SHA SSLv3 Kx=ECDH Au=None Enc=3DES(168) Mac=SHA1
ECDH-RSA-DES-CBC3-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=3DES(168) Mac=SHA1
ECDH-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
Note that you must configure at least one cipher that is available for your chosen protocol list (i.e. there's no point limiting yourself to ciphers only available with TLSv1.2 if you are not enabling, or will not always connect with, that protocol).
Options
This is a colon-delimited list of Intermapper-specific settings.
Two options are currently available:
- ClientInitiatedRenegotiation — this controls the ability of the client to initiate renegotiation of security settings for the connection. Some scanners regard this as a vulnerability. It is enabled by default.
- CipherServerPreference — in choosing encryption for the connection, normally the client preferences are used. This option allows the server configuration to take preference. It is disabled by default.
The defaults are:
Options "+ClientInitiatedRenegotiation:-CipherServerPreference"
Comparison to Apache Configuration
Security advice available on the web often describes Apache (mod_ssl) configuration directives to mitigate vulnerabilities. Here we discuss how they map to our ssl.conf settings.
SSLProtocol
Quite similar to Protocols, but note:
- we use TLSv1 to indicate all TLSv1.x schemes, rather than just TLSv1.0;
- we have an explicit TLSv1.0 token;
- we delimit elements using ':' rather than space;
- we do not support SSLv2.
SSLCipherSuite
- Identical to Ciphers. This is the OpenSSL cipher list format.
SSLHonorCipherOrder
- This is equivalent to our CipherServerPreference option.
SSLInsecureRenegotiation
- Not supported (i.e. "off").
SSLCompression
- Not supported (i.e. "off"). We disable SSL compression to guard against the CRIME attack.
Log Messages
A few words about some of the new log entries you might see in the various log files.
Intermapper Server
Warning: SSL protocol configuration does not enable TLSv1.0. Connections from Intermapper clients may fail.
In Intermapper 6.2.2 and earlier, our Java UIs (IM Console and IMRA) require TLSv1.0.
Check that it is not disabled in ssl.conf.
SSL library: OpenSSL 1.0.1j 15 Oct 2014
Use Certificate: /C=US/ST=Minnesota/L=Eden Prairie/O=HelpSystems, LLC/OU=Demo Certificate (insecure)/CN=low-security.helpsystems.com/[email protected]
Not Before: Aug 8 14:47:19 2014 GMT, Not After: Aug 8 14:47:19 2015 GMT
SSL server protocols: TLSv1.0 TLSv1.1 TLSv1.2
Using custom SSL server cipher list ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
The above, in the Debug log, is a typical startup sequence. Here we have overridden the default protocols to disable SSLv3, and we have explicitly defined a cipher list.
SSL server preference for cipher selection enabled
SSL client initiated session renegotiation disabled
Here we have reversed the defaults for both supported entries in Options in ssl.conf.
Error setting custom SSL cipher list (invalid ciphers)
Using default SSL server cipher list ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
Indicates that the Ciphers list in ssl.conf was rejected by the underlying SSL support, and the default cipher list was used in place.
09:40:09 SSLError(1) - 336109835 = error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number
09:40:09 SSLError(1) - 336027900 = error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
09:40:09 SSLError(1) - 336109761 = error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
These are not new messages, but they show failures by a client to connect to the Intermapper server. In this case it was due to an SSLv3-only client attempting to connect when SSLv3 had been disabled in ssl.conf. Check Protocols and Ciphers in ssl.conf.
16:22:15 SSLError(1) - 336130329 = error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
16:22:15 SSLError(1) - 336027900 = error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Similar to the above. These two together are typical of the case where a client which only supports earlier SSL/TLS protocol versions, attempts to connect to a server where those versions have been disabled in favour of later protocol versions. To fix: re-enable protocols in ssl.conf.
10:07:13 SSL: rejecting client session renegotiation attempt from 127.0.0.1:43552
A client connection has been closed because it attempted to perform session renegotiation, with the ClientInitiatedRenegotiation option disabled in ssl.conf.
Intermapper DataCenter
2014-11-05 09:44:25 INFO Loading SSL configuration from /var/local/Intermapper_Settings/ssl.conf
Indicates that the SSL configuration file ssl.conf has been located and will be loaded.
2014-11-05 09:49:30 WARNING Ignoring unrecognised token MISSPELT in SSL configuration line 25
Indicates an error in the ssl.conf configuration file.
2014-11-05 09:51:01 REASON Technical Information: <class 'OpenSSL.SSL.Error'> [('SSL routines', 'SSL_CTX_set_cipher_list', 'no cipher match')] ['Traceback (most recent call last):\n', ' File "/imdc/main.py", line 404, in \n', ' File "/imdc/server.py", line 209, in __init__\n', ' File "/imdc/server.py", line 366, in loadCertificateServer\n', "Error: [('SSL routines', 'SSL_CTX_set_cipher_list', 'no cipher match')]\n"]
2014-11-05 09:51:01 CRITICAL Sorry, IMDC can't recover from the above problem, and must shut down.
This indicates a more serious problem with ssl.conf. Here, the Ciphers list was rejected by the underlying SSL support services because the list did not resolve to any supported ciphers. Check both Protocols and Ciphers configuration.
2014-11-05 09:44:46 INFO SSL: rejecting client session renegotiation attempt from 10.4.1.129:53421
A client connection has been closed because it attempted to perform session renegotiation, with the ClientInitiatedRenegotiation option disabled in ssl.conf.
Notes For Selected Vulnerabilities
Further information on SSL vulnerabilities may be found at:
https://www.openssl.org/news/vulnerabilities.html
We now use OpenSSL v1.0.1j in both Intermapper Server and Intermapper DataCenter.
Low Grade Cipher Suites, Encryption Strength
The Intermapper server default is to disallow low grade encryption schemes, through use of "!LOW:!EXP" in the cipher list.
IMDC server uses the OpenSSL default which includes low grade encryption schemes. To upgrade it to the default level of Intermapper server, use the following suggested default in ssl.conf:
Ciphers "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
SSLv2 (Multiple)
Not vulnerable as we do not support SSLv2.
POODLE (CVE-2014-3566)
Customers concerned about this vulnerability can address it by disabling SSLv3 in the ssl.conf file, which is the simplest and most compatible fix.
Protocols "ALL:-SSLv3"
This configuration is compatible with older Intermapper clients — which will continue to use TLSv1.0.
Heartbleed (CVE-2014-0160)
Not vulnerable as we now use a version of OpenSSL greater than 1.0.1g.
CCS (CVE-2014-0224)
Not vulnerable as we now use a version of OpenSSL greater than 1.0.1h.
Session Renegotiation (CVE-2009-3555)
The version of OpenSSL we now use has support for secure session renegotiation (RFC5746). However, this will not be supported by older clients, and some scanners might complain that client-initiated session renegotiation is supported at all. Such renegotiation may be completely disabled through the following configuration in ssl.conf:
Options "-ClientInitiatedRenegotiation"
At the time of writing, Intermapper does not require client-initiated session renegotiation, so the feature may be disabled and still preserve compatibility with older Intermapper clients.
CRIME, TLS (CVE-2012-4929)
Not vulnerable as SSL compression is disabled.
BREACH
Not vulnerable as HTTP-level compression is disabled.
BEAST (CVE-2011-3389)
Consider the following opinion:
https://community.qualys.com/blogs/securitylabs/2013/09/10/is-beast-still-a-threat
It is possible to mitigate this threat by disabling SSLv3 and TLSv1.0. However, our current Java UI clients (IM Console and IM RemoteAccess) require TLSv1.0 support.
There are alternative methods, such as favouring stream ciphers such as RC4, but this is no longer recommended due to vulnerabilities in RC4 schemes.
Weak keying material (CVE-2014-0224)
Not vulnerable as we now use a version of OpenSSL greater than 1.0.1g.
DTLS DoS (CVE-2014-0221)
Not vulnerable as we now use a version of OpenSSL greater than 1.0.1g.
DTLS fragmentation buffer overrun (CVE-2014-0195)
Not vulnerable as we now use a version of OpenSSL greater than 1.0.1g.
ECDH DoS (CVE-2014-3470)
Not vulnerable as we now use a version of OpenSSL greater than 1.0.1g.
ECDSA nonce recovery (CVE-2014-0076)
Not vulnerable as we now use a version of OpenSSL greater than 1.0.1f.
Buffer release bugs (CVE-2014-0198, CVE-2014-5928)
Not vulnerable as we now use a version of OpenSSL greater than 1.0.1g.
