recently I have been working on my cipher string input for each application that uses SSL/TLS (i.e. Apache2, NGinX, Sendmail, Dovecot, etc).
however, i noticed that Webmin/Virtualmin does not seem to be responding to my Cipher string input.
i have enabled DH, ephemeral and elliptical curve ciphers on most of my servers, sorted in preference of strength (using @strength)
however, webmin stays at AES-256-CBC using SHA1 for auth, and RSA as KEX.
i also tried checking the boxes for "strong" ciphers, or "perfect forward secrecy" type ciphers, including "prefer server defined cipher order", but nothing changes.
the only time i could get it to change the cipher order, was downgrading to a lesser strength cipher, or when using Auto selection (AFAIK)
might this be a bug in the miniserv.pl application? is the cipher order string unconventional, or does it support whatever is supported by the system installed package of OpenSSL?
thanks!
Jamie - I have come across a security scan problem related to this, See the link to linux4beginners.info for additional information:
Product doing scan: SecurityCenter from tenable network security
Plugin ID: 20007 Family: Service detection Plugin Type: Active
Plugin Name: SSL Version 2(v2) Protocol Detection
Description
The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.
Solution
Consult the application's documentation to disable SSL 2.0 and use SSL 3.0, TLS 1.0, or higher instead.
See Also
http://www.schneier.com/paper-ssl.pd
f http://support.microsoft.com/kb/187498
http://www.linux4beginners.info/node/disable-sslv2
Risk Factor: Medium
CVSS Base Score
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE
CVE-2005-2969
Plugin Publication Date: Oct 12, 2005
Plugin Last Modification Date: Jan 25, 2013
Source File: ssl_deprecated.nasl
Version: $Revision: 1.19 $
You should be able to disable use of SSL v2 completely on the SSL page in Webmin.
where is the option to disable SSLv2 Completely? i don't see it...
if you mean change the cipher line to disable sslv2 ciphers; my issue is that i simply can not get webmin to comply with changes to the cipher line,
especially when trying to change to any ephemeral cipher / eliptical curve cipher types
My mistake - the option to disable certain SSL versions was removed in favor of the ciphers list.
If you select " Only strong ciphers with perfect forward secrecy", save the page and then open it again, is that option still selected?
I'm going to interject here. I use Webmin on a bunch of client machines. There are a few that are subject to PCI compliance scans. A couple things bother me in relation to this issue...:
Example: Cipher list string = 'HIGH:!LOW:!MEDIUM:!RC4:!DES:!DSS:!PSK:!aECDH:!DH:!SRP:!MD5:!DSS:!eNULL:!aNULL:!SSLv2:@STRENGTH'
OpenSSL Output using "openssl ciphers -v 'HIGH:!LOW:!MEDIUM:!RC4:!DES:!DSS:!PSK:!aECDH:!DH:!SRP:!MD5:!DSS:!eNULL:!aNULL:!SSLv2:@STRENGTH' | awk '{print $1}'"
What SSLScan returns when scanning against Webmin with the cipherlist set with SSLv2, SSLv3 and TLSv1.0 disabled:
Version: 1.11.0-rbsec-4-g68aaac1
OpenSSL 1.0.2e-dev xx XXX xxxx
Testing SSL server <ip address=""> on port 10000</ip>
TLS renegotiation:
Session renegotiation not supported
TLS Compression:
Compression disabled
Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed
Supported Server Cipher(s):
Preferred TLSv1.2 256 bits AES256-GCM-SHA384
Accepted TLSv1.2 256 bits AES256-SHA256
Accepted TLSv1.2 256 bits AES256-SHA
Accepted TLSv1.2 256 bits CAMELLIA256-SHA
Accepted TLSv1.2 128 bits AES128-GCM-SHA256
Accepted TLSv1.2 128 bits AES128-SHA256
Accepted TLSv1.2 128 bits AES128-SHA
Accepted TLSv1.2 128 bits CAMELLIA128-SHA
Accepted TLSv1.2 112 bits DES-CBC3-SHA
Preferred TLSv1.1 256 bits AES256-SHA
Accepted TLSv1.1 256 bits CAMELLIA256-SHA
Accepted TLSv1.1 128 bits AES128-SHA
Accepted TLSv1.1 128 bits CAMELLIA128-SHA
Accepted TLSv1.1 112 bits DES-CBC3-SHA
SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength: 4096
So it isn't even ATTEMPTING to negotiate any ECDHE ciphers, which would truly provide actual forward secrecy.
This issue is so old and still open. Please pay more attention to security. Despite selecting rejected protocols to all except TLSv1.2 it still choses to use TLSv1.0.
Choosing "Only strong ciphers with perfect forward secrecy", makes no difference, except from chosing ECDHE_RSA with P-384 key exchange and AES_256_CBC with HMAC-SHA1 cipher but TLSv1.0 still in place.