"SSL Server Allows Anonymous Authentication Vulnerability"
on 18.10.2007 16:02:01 by criechton
I have two Windows 2003/IIS 6.0 servers that are load balanced through an F5
Networks device. An ISS security scan of the URL that is shared by the two
servers is showing "SSL Server Allows Anonymous Authentication
Vulnerability". How do I address and remediate this vulnerability?
Thanks in advance.
Re: "SSL Server Allows Anonymous Authentication Vulnerability"
on 18.10.2007 18:08:56 by Ken Schaefer
First you need to work out what the vulnerability description actually
means.
Some third party product has some unique way of describing a possible
weakness or risk. You need to understand what this is, so you can explain it
to us in technological terms.
Cheers
Ken
"criechton" wrote in message
news:0F64DFD7-9B3F-43D0-922B-ACA552B60023@microsoft.com...
>I have two windows 2003/IIS 6.0 servers that are load balanced thru an F5
> networks device, an ISS security scan of the URL that is shared by the two
> servers is showing "SSL Server Allows Anonymous Authentication
> Vulnerability". How do I address and remediate this vulnerability.
>
>
> Thanks in advance.
Re: "SSL Server Allows Anonymous Authentication Vulnerability"
on 18.10.2007 20:15:02 by criechton
This is the message the security scan revealed:
"The Secure Socket Layer (SSL) protocol allows for secure communication
between a client and a server. The client usually authenticates the server
using an algorithm like RSA or DSS. Some SSL ciphers allow SSL communication
without authentication. Most common Web browsers like Microsoft Internet
Explorer, Netscape and Mozilla do not use anonymous authentication ciphers by
default.
A vulnerability exists in SSL communications
when clients are allowed to connect using no authentication
algorithm. SSL client-server communication may use several different types of
authentication: RSA, Diffie-Hellman, DSS or none. When 'none' is
used, the communications are vulnerable to a man-in-the-middle
attack."
"Ken Schaefer" wrote:
> First you need to work out what the vulnerability description actually
> means.
>
> Some third party product has some unique way of describing a possible
> weakness or risk. You need to understand what this is, so you can explain it
> to us in technological terms.
>
> Cheers
> Ken
>
>
> "criechton" wrote in message
> news:0F64DFD7-9B3F-43D0-922B-ACA552B60023@microsoft.com...
> >I have two windows 2003/IIS 6.0 servers that are load balanced thru an F5
> > networks device, an ISS security scan of the URL that is shared by the two
> > servers is showing "SSL Server Allows Anonymous Authentication
> > Vulnerability". How do I address and remediate this vulnerability.
> >
> >
> > Thanks in advance.
>
>
Re: "SSL Server Allows Anonymous Authentication Vulnerability"
on 22.10.2007 08:09:33 by Nelson B
criechton wrote:
> I have two windows 2003/IIS 6.0 servers that are load balanced thru an
> F5 networks device, an ISS security scan of the URL that is shared by
> the two servers is showing "SSL Server Allows Anonymous Authentication
> Vulnerability". How do I address and remediate this vulnerability.
> This is the message from the Security scan revealed:
>> The Secure Socket Layer (SSL) protocol allows for secure communication
>> between a client and a server. The client usually authenticates the
>> server using an algorithm like RSA or DSS. Some SSL ciphers allow SSL
>> communication without authentication. Most common Web browsers like
>> Microsoft Internet Explorer, Netscape and Mozilla do not use anonymous
>> authentication ciphers by default.
>>
>> A vulnerability exists in SSL communications when clients are allowed to
>> connect using no authentication algorithm. SSL client-server
>> communication may use several different types of authentication: RSA,
>> Diffie-Hellman, DSS or none. When 'none' is used, the communications
>> are vulnerable to a man-in-the-middle attack."
This issue will require a small reconfiguration of either your IIS
server or your F5 load balancer. If your load balancer actually acts
as an SSL server itself, then it probably needs to be reconfigured,
but if it merely passes the SSL traffic through to your IIS servers,
then the IIS servers will need a configuration tweak.
Probably the easiest way for you to tell which needs the configuration
tweak is by knowing where you have to install the SSL server certificate
or certificates that you use. If you install the SSL server certificate(s)
in the load balancer, then it needs the tweak. If you install them in
the IIS servers, then they need the tweak.
The SSL protocol defines a number of combinations of ciphers, hashes,
and signature algorithms. Each combination is called a "cipher suite".
SSL defines numerous cipher suites. Each client and each server is
free to implement as few or as many of the defined cipher suites as
it wants. When the client and the server talk, they figure out which
cipher suites they both support in common, and they use one of those.
Not all cipher suites are created equal. Some are very "strong" at
withstanding attacks, and others are not. The weakest of all are
the so-called "anonymous" cipher suites. They offer no protection
at all from a class of attackers known as "Man In The Middle" (MITM)
attackers. They allow other servers to get in between the client and
the intended server and decrypt (and alter) traffic as it passes
through. You probably wish to avoid that vulnerability.
Many clients and servers can be configured to not use all of the cipher
suites that they are capable of using, but to instead only use a subset
of those cipher suites that have been chosen by the system administrator.
A server system administrator might be well advised to configure his
server to disallow the use of the weaker cipher suites, including the
anonymous ones.
The warning that you quoted above says that the scan program found that
the SSL server to which it was talking (either the load balancer or the
IIS server) was configured to allow the use of anonymous cipher suites.
The remedy is to reconfigure the server to disallow the anonymous cipher
suites. How you do that will depend on which product is acting as the
SSL server in your situation.
The SSL cipher suites have names and numbers. Here are some (not all)
of the names and numbers as found in the SSL 3.0 specification.
CipherSuite SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B };
CipherSuite SSL_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C };
CipherSuite SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D };
CipherSuite SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E };
CipherSuite SSL_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F };
CipherSuite SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 };
CipherSuite SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 };
CipherSuite SSL_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 };
CipherSuite SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 };
CipherSuite SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 };
CipherSuite SSL_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 };
CipherSuite SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 };
CipherSuite SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 };
CipherSuite SSL_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 };
CipherSuite SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
CipherSuite SSL_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
CipherSuite SSL_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
You can see by looking which ones are the anonymous cipher suites.
You need to examine the configuration features of the relevant server,
looking for names or numbers like those above. (Don't be surprised
if you find names like those above, but which say "TLS" instead of
"SSL". TLS is simply the name of a slightly newer version of SSL.)
You should disable the anonymous cipher suites. You may also wish to
disable the cipher suites that have the numbers 40 or 56 in them, as
those are now considered to be extremely weak.
http://support.microsoft.com/kb/245030/ offers some clues about how to
do this for IIS on Windows 2003. I can't offer any clues for your
load balancer.
How serious is this problem? Well, as the warning you quoted states,
most browsers disallow the use of anonymous cipher suites completely,
so even if your server allows them, the anonymous cipher suites won't
be used unless both ends support them. Still, there might be some
https clients out there that do support them, and by deconfiguring
support for the anonymous cipher suites, you protect those clients
(and your own server) from all such avenues of attack.
Hope this helps.
--
Nelson B
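As an added illustration of the suite classification and negotiation Nelson describes (example code written for this page, not code from the thread, IIS or F5): a parser for the SSL 3.0/TLS 1.x suite-name format flags the DH_anon and export/40/56-bit suites from the list above, builds the hardened server allowlist, and a toy negotiation shows that only the server-side allowlist protects a client that itself offers an anonymous suite. The two RSA suites and their numbers come from the same SSL 3.0 specification; the client offer lists are constructed.

```python
import re
from typing import Dict, List, Optional

# Constructed sample: names quoted in the post plus two RSA suites from the same
# SSL 3.0 spec, added here so the hardened list has something left to keep.
CIPHER_SUITES: Dict[str, int] = {
    "SSL_RSA_WITH_RC4_128_SHA": 0x0005,
    "SSL_RSA_WITH_3DES_EDE_CBC_SHA": 0x000A,
    "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA": 0x000B,
    "SSL_DHE_DSS_WITH_DES_CBC_SHA": 0x0012,
    "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA": 0x0016,
    "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5": 0x0017,
    "SSL_DH_anon_WITH_RC4_128_MD5": 0x0018,
    "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA": 0x001B,
}

# SSL 3.0 / TLS 1.x names read <PROTO>_<KEY-EXCHANGE>[_EXPORT]_WITH_<CIPHER>_<HASH>.
# (TLS 1.3 names drop the key-exchange part and are rejected by this parser.)
NAME_RE = re.compile(r"^(SSL|TLS)_(?P<kx>.+?)(?P<export>_EXPORT)?_WITH_(?P<rest>.+)$")


def classify(name: str) -> str:
    """'anonymous' (no server authentication), 'weak' (export/40/56-bit) or 'acceptable'."""
    m = NAME_RE.match(name)
    if not m:
        raise ValueError(f"not an SSL3/TLS1.x suite name: {name}")
    if m.group("kx").endswith("_anon"):
        return "anonymous"  # DH_anon: nothing signs the key exchange, so a MITM goes undetected
    rest = m.group("rest")
    # Export grade, a standalone 40/56 in the cipher name (so AES_256 is not caught),
    # or single DES (56-bit key, but no "56" appears in its name).
    if m.group("export") or re.search(r"(?<!\d)(40|56)(?!\d)", rest) or rest.startswith("DES_"):
        return "weak"
    return "acceptable"


def hardened_allowlist(suites: Dict[str, int]) -> List[str]:
    """Server-side subset with anonymous and weak suites removed, order preserved."""
    return [n for n in suites if classify(n) == "acceptable"]


def negotiate(client_offer: List[str], server_allowed: List[str]) -> Optional[str]:
    """First suite in the client's preference order that the server also allows, else None."""
    allowed = set(server_allowed)
    return next((n for n in client_offer if n in allowed), None)


if __name__ == "__main__":
    for name, code in CIPHER_SUITES.items():
        print(f"0x{code:04X} {name:40} {classify(name)}")
    anon_only = ["SSL_DH_anon_WITH_RC4_128_MD5"]  # constructed client that accepts an unauthenticated server
    print("permissive server:", negotiate(anon_only, list(CIPHER_SUITES)))
    print("hardened server:  ", negotiate(anon_only, hardened_allowlist(CIPHER_SUITES)))
```

With the permissive server the anonymous client completes the handshake on the DH_anon suite; with the hardened allowlist the negotiation finds no common suite and fails, which is the outcome the scan finding asks for.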