Le Mon, 19 Jul 2010 14:12:15 -0700,
Kees Cook <kees@ubuntu.com> a écrit :
> Thoughts?
Shouldn't this be coordinated with Debian?
Cheers
Laurent Bigonville
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
07-20-2010, 06:37 AM
Stephan Hermann
really drop SSLv2
On Mon, 2010-07-19 at 14:12 -0700, Kees Cook wrote:
> In 2008 there was discussion[1] about disabling SSLv2 in OpenSSL. The
> conclusion seemed favorable for it, and so it was attempted[2] in openssl
> 0.9.8g-10.1ubuntu2 for Intrepid.
>
> Unfortunately, this change seems to have had no affect on the build, and
> SSLv2 has remained available. I would like to propose fixing this for real
> now, and documenting the change in the SSL man pages.
>
> I'd like to point out that even as far back as Dapper, GnuTLS has not
> supported SSLv2; IMO, it is high time to make it go away for OpenSSL too.
>
> The attached debdiff would disallow the use of SSLv2 in any mode without
> wrecking the openssl library ABI.
>
Yes please, make it go away.
People who are configuring mod_ssl with openssl the wrong way, always
have problems when a security audit comes along.
SSLv2 is deprecated and should never be used in any scenario.
Regards,
sh
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
08-04-2010, 01:44 PM
Jim Tarvid
really drop SSLv2
Why not kill the weak ciphers too?
On Mon, Jul 19, 2010 at 6:09 PM, Eric Peters <eric@linuxsystems.net> wrote:
Like Scott*said*make it die! But I*guarantee*it's going to break something, what that something is the question.
Cheers,Eric
On Mon, Jul 19, 2010 at 3:06 PM, Kees Cook <kees@ubuntu.com> wrote:
Hi Laurent,
On Mon, Jul 19, 2010 at 11:34:47PM +0200, Laurent Bigonville wrote:
> Le Mon, 19 Jul 2010 14:12:15 -0700,
> Kees Cook <kees@ubuntu.com> a écrit :
>
> > Thoughts?
>
> Shouldn't this be coordinated with Debian?
Yes, if there isn't strong objection in Ubuntu, my next step would be to
--
Rev. Jim Tarvid, PCA
Galax, Virginia
http://ls.net
http://drupal.ls.net
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
08-04-2010, 10:05 PM
Kees Cook
really drop SSLv2
Hi Jim,
On Wed, Aug 04, 2010 at 09:44:25AM -0400, Jim Tarvid wrote:
> Why not kill the weak ciphers too?
Sure! Can you send a patch for this?
Thanks!
-Kees
>
> On Mon, Jul 19, 2010 at 6:09 PM, Eric Peters <eric@linuxsystems.net> wrote:
>
> > Like Scott said make it die! But I guarantee it's going to break something,
> > what that something is the question.
> >
> > Cheers,
> > Eric
> >
> >
> > On Mon, Jul 19, 2010 at 3:06 PM, Kees Cook <kees@ubuntu.com> wrote:
> >
> >> Hi Laurent,
> >>
> >> On Mon, Jul 19, 2010 at 11:34:47PM +0200, Laurent Bigonville wrote:
> >> > Le Mon, 19 Jul 2010 14:12:15 -0700,
> >> > Kees Cook <kees@ubuntu.com> a écrit :
> >> >
> >> > > Thoughts?
> >> >
> >> > Shouldn't this be coordinated with Debian?
> >>
> >> Yes, if there isn't strong objection in Ubuntu, my next step would be to
> >> propose it to Debian as well.
> >>
> >> -Kees
> >>
> >> --
> >> Kees Cook
> >> Ubuntu Security Team
> >>
> >> --
> >> ubuntu-server mailing list
> >> ubuntu-server@lists.ubuntu.com
> >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
> >> More info: https://wiki.ubuntu.com/ServerTeam
> >>
> >
> >
> > --
> > ubuntu-server mailing list
> > ubuntu-server@lists.ubuntu.com
> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
> > More info: https://wiki.ubuntu.com/ServerTeam
> >
>
>
>
> --
> Rev. Jim Tarvid, PCA
> Galax, Virginia
> http://ls.net
> http://drupal.ls.net
--
Kees Cook
Ubuntu Security Team
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
08-05-2010, 09:47 AM
Daniel J Blueman
really drop SSLv2
On 4 August 2010 23:05, Kees Cook <kees@ubuntu.com> wrote:
> Hi Jim,
>
> On Wed, Aug 04, 2010 at 09:44:25AM -0400, Jim Tarvid wrote:
>> Why not kill the weak ciphers too?
>
> Sure! Can you send a patch for this?
If this is done, please reenable the 'none' cypher, so we can get
decent performance on slow/small systems where security isn't
important (eg on a trusted LAN). I believe Debian disabled this
previously, so I was using arcfour128, which is a 'weak' cipher.
I agree to removing weak ciphers and SSLv2 to ensure people don't get
a false sense of security, or use broken protocols.
Thanks,
Daniel
> Thanks!
>
> -Kees
>
>>
>> On Mon, Jul 19, 2010 at 6:09 PM, Eric Peters <eric@linuxsystems.net> wrote:
>>
>> > Like Scott said make it die! But I guarantee it's going to break something,
>> > what that something is the question.
>> >
>> > Cheers,
>> > Eric
>> >
>> >
>> > On Mon, Jul 19, 2010 at 3:06 PM, Kees Cook <kees@ubuntu.com> wrote:
>> >
>> >> Hi Laurent,
>> >>
>> >> On Mon, Jul 19, 2010 at 11:34:47PM +0200, Laurent Bigonville wrote:
>> >> > Le Mon, 19 Jul 2010 14:12:15 -0700,
>> >> > Kees Cook <kees@ubuntu.com> a écrit :
>> >> >
>> >> > > Thoughts?
>> >> >
>> >> > Shouldn't this be coordinated with Debian?
>> >>
>> >> Yes, if there isn't strong objection in Ubuntu, my next step would be to
>> >> propose it to Debian as well.
>> >>
>> >> -Kees
--
Daniel J Blueman
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
08-05-2010, 11:17 AM
Jim Tarvid
really drop SSLv2
On Wed, Aug 4, 2010 at 6:05 PM, Kees Cook <kees@ubuntu.com> wrote:
Hi Jim,
On Wed, Aug 04, 2010 at 09:44:25AM -0400, Jim Tarvid wrote:
55c55
< SSLCipherSuite HIGH:!ADH
---
> #SSLCipherSuite HIGH:MEDIUM:!ADH
58c58
< SSLProtocol all -SSLv2
---
> #SSLProtocol all -SSLv2
Many thought and caveats.
Old browsers may not be able to negotiate SSLCipherSuite HIGH. I don't know and I don't care
Only the most ancient browsers will not be able to negotiate TLSv1 or SSLv3. see #1Daniel J Blueman may want NULL (eNULL) instead of NONEI have consulted but not read much less studied http://www.modssl.org/docs/2.8/
I have consulted but not read much less studied http://www.openssl.org/docs/Patching either belongs upstream but configuration is fair game. The default configuration should be safe and it is not
Ubuntu should allow version choices for core server components. Patching while retaining version numbers leads to confusion.
works with Firefox 3.6.8 and Lucidroot@helen:/etc/apache2/mods-available# openssl s_client -connect secure.grayson-inn.com:443
CONNECTED(00000003)
depth=0 /description=200989-N5Z0cD9dfFpX5YO1/C=US/O=Persona Not Validated/OU=StartCom Free Certificate Member/CN=secure.grayson-inn.com/emailAddress=hostmaster@ls.net
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /description=200989-N5Z0cD9dfFpX5YO1/C=US/O=Persona Not Validated/OU=StartCom Free Certificate Member/CN=secure.grayson-inn.com/emailAddress=hostmaster@ls.net
verify error:num=27:certificate not trusted
verify return:1
depth=0 /description=200989-N5Z0cD9dfFpX5YO1/C=US/O=Persona Not Validated/OU=StartCom Free Certificate Member/CN=secure.grayson-inn.com/emailAddress=hostmaster@ls.net
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
*0 s:/description=200989-N5Z0cD9dfFpX5YO1/C=US/O=Persona Not Validated/OU=StartCom Free Certificate Member/CN=secure.grayson-inn.com/emailAddress=hostmaster@ls.net
** i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGzjCCBbagAwIBAgIDAaaMMA0GCSqGSIb3DQEBBQUAMIGMMQ swCQYDVQQGEwJJ
-----END CERTIFICATE-----
subject=/description=200989-N5Z0cD9dfFpX5YO1/C=US/O=Persona Not Validated/OU=StartCom Free Certificate Member/CN=secure.grayson-inn.com/emailAddress=hostmaster@ls.net
issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
---
No client certificate CA names sent
---
SSL handshake has read 2438 bytes and written 316 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Compression: NONE
Expansion: NONE
SSL-Session:
*** Protocol* : TLSv1
*** Cipher*** : DHE-RSA-AES256-SHA
*** Session-ID: AE224AAAECB6770D59BCA7460BC189311ABAE88C368D41F45E C5F2300705254C
*** Verify return code: 21 (unable to verify the first certificate)
---
--
Rev. Jim Tarvid, PCA
Galax, Virginia
http://ls.net
http://drupal.ls.net
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
08-08-2010, 08:38 PM
Daniel J Blueman
really drop SSLv2
On 5 August 2010 12:17, Jim Tarvid <tarvid@ls.net> wrote:
> On Wed, Aug 4, 2010 at 6:05 PM, Kees Cook <kees@ubuntu.com> wrote:
>>
>> Hi Jim,
>>
>> On Wed, Aug 04, 2010 at 09:44:25AM -0400, Jim Tarvid wrote:
>> > Why not kill the weak ciphers too?
>>
>> Sure! Can you send a patch for this?
> Many thought and caveats.
>
> Old browsers may not be able to negotiate SSLCipherSuite HIGH. I don't know
> and I don't care
> Only the most ancient browsers will not be able to negotiate TLSv1 or SSLv3.
> see #1
> Daniel J Blueman may want NULL (eNULL) instead of NONE
Good info, but no cigar:
$ ssh -o ciphers=NULL x1
command-line line 0: Bad SSH2 cipher spec 'NULL'.
I guess I should select it a different way? 'none' is a valid cipher
when enabled in the configure script.
Thanks,
Daniel
--
Daniel J Blueman
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
08-09-2010, 01:34 AM
Jim Tarvid
really drop SSLv2
The point is passing Credit Card compliance tests. OOB, Ubuntu doesn't do so well. Spent the last two weeks getting through the process. I'll write it up in some detail but the key points were:
ciphers
protocolsip*separationNameVirtualHostsno default directory pathsmodsecurityTRACE - took rewrite rules to *get rid of itserver isolation (smtp, pop, imap, dns, ntp)
utility isolation (phpmyadmin, phpinfo, cacti, webmin)secure ftpNow I would like a script to monitor sites and home pages on a daily basis to I can catch PHP issues.
On Thu, Aug 5, 2010 at 10:02 AM, Etienne Goyer <etienne.goyer@canonical.com> wrote:
> On 10-08-04 06:05 PM, Kees Cook wrote:
>> Hi Jim,
>>
>> On Wed, Aug 04, 2010 at 09:44:25AM -0400, Jim Tarvid wrote:
>>> Why not kill the weak ciphers too?
>>
>> Sure! Can you send a patch for this?
>
> I do not really see the point. *Since the client and the server will
> negotiate the strongest cipher they both support, what exactly would we
> gain by removing cipher considered weak?
>
>
> --
> Etienne Goyer
> Technical Account Manager - Canonical Ltd
> Ubuntu Certified Instructor * - * *LPIC-3
>
> *~= Ubuntu: Linux for Human Beings =~
>
> --
> ubuntu-devel mailing list
> ubuntu-devel@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
>
--
Rev. Jim Tarvid, PCA
Galax, Virginia
http://ls.net
http://drupal.ls.net
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
08-09-2010, 03:54 AM
Paul Graydon
really drop SSLv2
That's strange.* I've always been able to disable successfully Trace
and Track through adding the following line to the config file:
TraceEnable off
I'd think I'd be inclined to argue for that being set by default,
but it depends on whether PCI-DSS compliance is valued over RFC
compliance as disabling it makes the Apache httpd setup non-RFC
compliant (HTTP1.1 specification, section 9.8:
http://www.ietf.org/rfc/rfc2616.txt)
Paul
On 8/8/2010 3:34 PM, Jim Tarvid wrote:
The point is passing Credit Card compliance tests.
OOB, Ubuntu doesn't do so well. Spent the last two weeks getting
through the process. I'll write it up in some detail but the key
points were:
ciphers
protocols
ip*separation
NameVirtualHosts
no default directory paths
modsecurity
TRACE - took rewrite rules to *get rid of it
server isolation (smtp, pop, imap, dns, ntp)
utility isolation (phpmyadmin, phpinfo, cacti, webmin)
secure ftp
Now I would like a script to monitor sites and home pages on
a daily basis to I can catch PHP issues.
On Thu, Aug 5, 2010 at 10:02 AM, Etienne Goyer <etienne.goyer@canonical.com>
wrote:
> On 10-08-04 06:05 PM, Kees Cook wrote:
>> Hi Jim,
>>
>> On Wed, Aug 04, 2010 at 09:44:25AM -0400, Jim Tarvid
wrote:
>>> Why not kill the weak ciphers too?
>>
>> Sure! Can you send a patch for this?
>
> I do not really see the point. *Since the client and the
server will
> negotiate the strongest cipher they both support, what
exactly would we
> gain by removing cipher considered weak?
>
>
> --
> Etienne Goyer
> Technical Account Manager - Canonical Ltd
> Ubuntu Certified Instructor * - * *LPIC-3
>
> *~= Ubuntu: Linux for Human Beings =~
>
> --
> ubuntu-devel mailing list
> ubuntu-devel@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
>
--
Rev. Jim Tarvid, PCA
Galax, Virginia
http://ls.net
http://drupal.ls.net
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
08-11-2010, 12:26 AM
Joe McDonagh
really drop SSLv2
On 08/08/2010 09:34 PM, Jim Tarvid wrote:
> The point is passing Credit Card compliance tests. OOB, Ubuntu doesn't do so
> well. Spent the last two weeks getting through the process. I'll write it up
> in some detail but the key points were:
>
> - ciphers
> - protocols
> - ip separation
> - NameVirtualHosts
> - no default directory paths
> - modsecurity
> - TRACE - took rewrite rules to get rid of it
> - server isolation (smtp, pop, imap, dns, ntp)
> - utility isolation (phpmyadmin, phpinfo, cacti, webmin)
> - secure ftp
>
Jim, I advise you to check out puppet. I can't even begin to explain the
amount of time I have saved by encapsulating all of this in puppet modules.
>
>>
>> I do not really see the point. Since the client and the server will
>> negotiate the strongest cipher they both support, what exactly would we
>> gain by removing cipher considered weak?
>>
>>
>> --
>> Etienne Goyer
>> Technical Account Manager - Canonical Ltd
>> Ubuntu Certified Instructor - LPIC-3
>>
Etienne: Right, but it's actually for the security of your users. If the
server says no to all weak ciphers, a weak client can't connect. It's
effectively saving your users from shooting themselves in the foot by
getting MitM'd or something. And, as Jim has said, you need it to pass PCI.
--
Joe McDonagh
AIM: YoosingYoonickz
IRC: joe-mac on freenode
L'ennui est contre-révolutionnaire
--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
really drop SSLv2
