NimbostratusHi
We host several virtual servers on our LTM and assign SSL profiles to them with certain ciphersuites, I wish to improve them.
My question is, can anyone suggest an appropriate cipher suite to use which remediates the below vulnerabilities and gives us a good grade on quallys:
BEAST Attack
POODLE (sslv3)
POODLE (TLS)
Avoiding RC4
Thanks.
Cirrus
CirrusYou should update to the latest hotfix to patch POODLE (TLS) ASAP. As for BEAST/RC4, they both can;t be mitigated server side unless you remove TLSv1.0 support, which generally isn't possible yet for most people as its still widely used. I would recommend something like 'DEFAULT:!SSLv3:!RC4' and run the latest hotfix. The need for !SSLv3 will be dependent on the version you are running. Since BEAST is considered to be mostly mitigated client side it is the lesser evil vs RC4. RC4 is considered to be "weak" and should be disabled when possible. What version of BigIP are you running?
Cirrus
NacreousYou should update to the latest hotfix to patch POODLE (TLS) ASAP. As for BEAST/RC4, they both can;t be mitigated server side unless you remove TLSv1.0 support, which generally isn't possible yet for most people as its still widely used. I would recommend something like 'DEFAULT:!SSLv3:!RC4' and run the latest hotfix. The need for !SSLv3 will be dependent on the version you are running. Since BEAST is considered to be mostly mitigated client side it is the lesser evil vs RC4. RC4 is considered to be "weak" and should be disabled when possible. What version of BigIP are you running?
Nacreous
Nimbostratuswe are runnning 11.4.1
NimbostratusIn 11.4.x code (https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html
CirrusNimbostratusCirrusNimbostratusWe are running 11.4.1HF7 in our enviornment and this is the string I used: ECDHE:DHE:HIGH:AES:MEDIUM:!LOW:!RC4:!SSLv3:-3DES:@STRENGTH:TLSv1+DES-CBC3-SHA
I have tested this site agains ssllabs and get an "A", hope this helps.
KH
NimbostratusNimbostratusMike: if you are wondering who is correct. Do this.. Go to Profiles/SSL/Client clientssl.. change configuration to advance and on Ciphers.. add Brad's setting of DEFAULT:!SSLv3:!RC4 and after you apply, go to https://www.ssllabs.com/ssltest/ and enter a website of yours and see the grade.. then scroll down to ciphers & see comments. Next, either implement F5 patch or add !SSLv3:RC4-SHA (with ! removed from RC4-SHA), apply and test via Qualys and decide for yourself.
NimbostratusI just read SOL 15882 which is what I used to fix my issue on interim. Go to the section of your article.. "Recommendation Action".. then go to BIG-IP 10.x - 11.4.1.. It clearly says to run below which disables !SSLv3, but enable RC4-SHA. There is a reason for that.
create /ltm profile client-ssl TLS-Padding ciphers !SSLv3:RC4-SHA
We have many F5's & finally got our hands on this article as to why TLS patching broke some of our websites: https://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle
CirrusNimbostratusCVE-2014-8730(TLS POODLE) is fixed in v11.6.0, 11.5.2, and as of 11.5.1HF6, 11.5.0HF6, 11.4.1HF6, 11.4.0HF9, 11.2.1HF13, 10.2.4HF10; If you currently running one of these versions you don't have to create a custom profile. (see SOL15882 - In recommended action section first paragraph, before subsection Big-IP SSL profiles)
CVE-2014-3566(SSLv3 POODLE) is mostly fixed(Configuration utility still allows SSLv3 by default) in v11.5.0-11.6.0; any version aside from these are vulnerable, you can mitigate it by adding the "!SSLv3" into your cipher list.
That being saif El-Gaupo makes a valid point, in that the best way to know what will work best for your enviornment is to test the different theories, and tweak them to fit your needs.
Hope this helped,
KH
NimbostratusThanks Brad.. that is inline with what we have tested as well. The upgrades that you mentioned are inline with last two lines. Thank you.