Disabling weak CBC ciphers + verification (domains not published on the internet)
Introduction
There is an internal domain on F5 LTM (not published on the internet) which, according to a pentest report, has weak CBC ciphers enabled, and the goal is to disable them.
Checking the currently configured ciphers
For domains published on the internet, the SSL Labs tool (https://www.ssllabs.com/ssltest) is available; however, an internal domain has no internet exposure, so this tool cannot be used for it.
Searching, I find the following discussions on the Qualys forum (Qualys is the company that maintains the SSL Labs site):
These end up leading to a GitHub page listing several tools that can analyse the domain offline.
https://github.com/ssllabs/research/wiki/Assessment-Tools
From the list of tools available on that page, I choose SSLyze (https://github.com/nabla-c0d3/sslyze). Once it is downloaded and extracted, open a cmd prompt, change to the folder and run the command:
sslyze <domain>
to analyse the domain. Example:
C:\Users\sjimenezanton\Downloads\sslyze-5.0.5-exe>sslyze www.deloitte.es
CHECKING CONNECTIVITY TO SERVER(S)
----------------------------------
www.deloitte.es:443 => 185.90.28.164
SCAN RESULTS FOR WWW.DELOITTE.ES:443 - 185.90.28.164
----------------------------------------------------
* Certificates Information:
Hostname sent for SNI: www.deloitte.es
Number of certificates detected: 1
Certificate #0 ( _RSAPublicKey )
SHA1 Fingerprint: c4d677e7890fe320d53c4365cec05cc55b057562
Common Name: www.deloitte.es
Issuer: Entrust Certification Authority - L1K
Serial Number: 130177297830091814089227418628627723075
Not Before: 2022-12-14
Not After: 2023-12-30
Public Key Algorithm: _RSAPublicKey
Signature Algorithm: sha256
Key Size: 2048
Exponent: 65537
DNS Subject Alternative Names: ['www.deloitte.es', 'deloitte.es']
Certificate #0 - Trust
Hostname Validation: OK - Certificate matches server hostname
Android CA Store (12.1.0_r5): OK - Certificate is trusted
Apple CA Store (iOS 15.1, iPadOS 15.1, macOS 12.1, tvOS 15.1, and watchOS 8.1):OK - Certificate is trusted
Java CA Store (jdk-13.0.2): OK - Certificate is trusted
Mozilla CA Store (2022-04-03): OK - Certificate is trusted
Windows CA Store (2022-04-10): OK - Certificate is trusted
Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate
Received Chain: www.deloitte.es --> Entrust Certification Authority - L1K --> Entrust Root Certification Authority - G2
Verified Chain: www.deloitte.es --> Entrust Certification Authority - L1K --> Entrust Root Certification Authority - G2
Received Chain Contains Anchor: OK - Anchor certificate not sent
Received Chain Order: OK - Order is valid
Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
Certificate #0 - Extensions
OCSP Must-Staple: NOT SUPPORTED - Extension not found
Certificate Transparency: OK - 3 SCTs included
Certificate #0 - OCSP Stapling
NOT SUPPORTED - Server did not send back an OCSP response
* SSL 2.0 Cipher Suites:
Attempted to connect using 7 cipher suites; the server rejected all cipher suites.
* SSL 3.0 Cipher Suites:
Attempted to connect using 80 cipher suites; the server rejected all cipher suites.
* TLS 1.0 Cipher Suites:
Attempted to connect using 80 cipher suites; the server rejected all cipher suites.
* TLS 1.1 Cipher Suites:
Attempted to connect using 80 cipher suites; the server rejected all cipher suites.
* TLS 1.2 Cipher Suites:
Attempted to connect using 156 cipher suites.
The server accepted the following 22 cipher suites:
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128
TLS_RSA_WITH_AES_256_GCM_SHA384 256
TLS_RSA_WITH_AES_256_CBC_SHA256 256
TLS_RSA_WITH_AES_256_CBC_SHA 256
TLS_RSA_WITH_AES_128_GCM_SHA256 128
TLS_RSA_WITH_AES_128_CBC_SHA256 128
TLS_RSA_WITH_AES_128_CBC_SHA 128
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 ECDH: prime256v1 (256 bits)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 ECDH: prime256v1 (256 bits)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 ECDH: prime256v1 (256 bits)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 ECDH: prime256v1 (256 bits)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 ECDH: prime256v1 (256 bits)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 ECDH: prime256v1 (256 bits)
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 DH (2048 bits)
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 DH (2048 bits)
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 DH (2048 bits)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 DH (2048 bits)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 DH (2048 bits)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 DH (2048 bits)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 DH (2048 bits)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 DH (2048 bits)
The group of cipher suites supported by the server has the following properties:
Forward Secrecy OK - Supported
Legacy RC4 Algorithm OK - Not Supported
* TLS 1.3 Cipher Suites:
Attempted to connect using 5 cipher suites; the server rejected all cipher suites.
* Deflate Compression:
OK - Compression disabled
* OpenSSL CCS Injection:
OK - Not vulnerable to OpenSSL CCS injection
* OpenSSL Heartbleed:
OK - Not vulnerable to Heartbleed
* ROBOT Attack:
OK - Not vulnerable.
* Session Renegotiation:
Client Renegotiation DoS Attack: OK - Not vulnerable
Secure Renegotiation: OK - Supported
* Elliptic Curve Key Exchange:
Supported curves: X25519, prime256v1, secp384r1
Rejected curves: X448, prime192v1, secp160k1, secp160r1, secp160r2, secp192k1, secp224k1, secp224r1, secp256k1, secp521r1, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1
SCANS COMPLETED IN 3.717492 S
-----------------------------
COMPLIANCE AGAINST MOZILLA TLS CONFIGURATION
--------------------------------------------
Checking results against Mozilla's "intermediate" configuration. See https://ssl-config.mozilla.org/ for more details.
www.deloitte.es:443: FAILED - Not compliant.
* maximum_certificate_lifespan: Certificate life span is 381 days, should be less than 366.
* ciphers: Cipher suites {'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA', 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA', 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA', 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA', 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA', 'TLS_RSA_WITH_AES_256_GCM_SHA384', 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA', 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA', 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256', 'TLS_RSA_WITH_AES_128_CBC_SHA', 'TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_256_CBC_SHA', 'TLS_RSA_WITH_AES_128_CBC_SHA256', 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA', 'TLS_RSA_WITH_AES_128_GCM_SHA256', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256'} are supported, but should be rejected.
In this example, the report shows that only TLS 1.2 is enabled, with the cipher suites listed.
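The following is an added example, not part of the original write-up or of SSLyze itself: a Python script that parses SSLyze console output in the format shown above and lists, per protocol version, the CBC suites the server still accepts. The function names and the embedded sample (a shortened excerpt of the output above) are assumptions made for illustration.

```python
import re

# Constructed sample: a shortened excerpt of the SSLyze console output above.
SAMPLE = """\
* TLS 1.1 Cipher Suites:
Attempted to connect using 80 cipher suites; the server rejected all cipher suites.
* TLS 1.2 Cipher Suites:
Attempted to connect using 156 cipher suites.
The server accepted the following 22 cipher suites:
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256
TLS_RSA_WITH_AES_256_GCM_SHA384 256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 ECDH: prime256v1 (256 bits)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 ECDH: prime256v1 (256 bits)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 DH (2048 bits)
* Deflate Compression:
OK - Compression disabled
"""

# "* TLS 1.2 Cipher Suites:" opens a per-protocol section.
SECTION = re.compile(r"^\s*\*\s+((?:SSL|TLS) \d\.\d) Cipher Suites:\s*$")
# An accepted suite line is the IANA-style name followed by the key size.
SUITE = re.compile(r"^\s*((?:TLS|SSL)_[A-Z0-9_]+)\s+\d+\b")

def accepted_suites(report):
    """Map each protocol version to the cipher suites the server accepted."""
    result, current = {}, None
    for line in report.splitlines():
        header = SECTION.match(line)
        if header:
            current = header.group(1)
            result[current] = []
        elif line.lstrip().startswith("* "):
            current = None  # a non-cipher section (Heartbleed, ROBOT, ...) began
        elif current and (suite := SUITE.match(line)):
            result[current].append(suite.group(1))
    return result

def cbc_suites(report):
    """Keep only CBC-mode suites; protocols that accept none are dropped."""
    return {proto: [s for s in suites if "_CBC_" in s]
            for proto, suites in accepted_suites(report).items()
            if any("_CBC_" in s for s in suites)}

if __name__ == "__main__":
    for proto, suites in cbc_suites(SAMPLE).items():
        print(f"{proto}: {len(suites)} CBC suite(s) still accepted")
        for name in suites:
            print(f"  {name}")
```

Running the same check on the SSLyze output captured after the cipher change should return an empty result for the domain.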