0x6d69636b / windows_hardening

HardeningKitty and Windows Hardening Settings
MIT License

Idea: Transport Layer Security (TLS) Audit Config #37

Closed lordfiSh closed 3 years ago

lordfiSh commented 3 years ago

Don't know if this is out of your Scope, but I created an Idea of a Config to Audit the TLS Settings for Windows (Based on https://www.hass.de/content/setup-microsoft-windows-or-iis-ssl-perfect-forward-secrecy-and-tls-12).

"ID","Category","Name","Method","MethodArgument","RegistryPath","RegistryItem","ClassName","Namespace","Property","DefaultValue","RecommendedValue","Operator","Severity"
"1000","TLS Settings - Protocols","Server - Check if SSL2.0 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server","Enabled","","","","","0","=","High"
"1001","TLS Settings - Protocols","Server - Check if SSL2.0 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server","Disabledbydefault","","","","","1","=","High"
"1002","TLS Settings - Protocols","Client - Check if SSL2.0 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client","Enabled","","","","","0","=","High"
"1003","TLS Settings - Protocols","Client - Check if SSL2.0 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client","Disabledbydefault","","","","","1","=","High"
"1004","TLS Settings - Protocols","Server - Check if SSL3.0 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server","Enabled","","","","","0","=","High"
"1005","TLS Settings - Protocols","Server - Check if SSL3.0 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server","Disabledbydefault","","","","","1","=","High"
"1006","TLS Settings - Protocols","Client - Check if SSL3.0 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client","Enabled","","","","","0","=","High"
"1007","TLS Settings - Protocols","Client - Check if SSL3.0 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client","Disabledbydefault","","","","","1","=","High"
"1008","TLS Settings - Protocols","Server - Check if TLS1.0 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server","Enabled","","","","","0","=","High"
"1009","TLS Settings - Protocols","Server - Check if TLS1.0 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server","Disabledbydefault","","","","","1","=","High"
"1010","TLS Settings - Protocols","Client - Check if TLS1.0 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client","Enabled","","","","","0","=","High"
"1011","TLS Settings - Protocols","Client - Check if TLS1.0 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client","Disabledbydefault","","","","","1","=","High"
"1012","TLS Settings - Protocols","Server - Check if TLS1.1 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server","Enabled","","","","","0","=","High"
"1013","TLS Settings - Protocols","Server - Check if TLS1.1 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server","Disabledbydefault","","","","","1","=","High"
"1014","TLS Settings - Protocols","Client - Check if TLS1.1 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client","Enabled","","","","","0","=","High"
"1015","TLS Settings - Protocols","Client - Check if TLS1.1 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client","Disabledbydefault","","","","","1","=","High"
"1016","TLS Settings - Protocols","Server - Check if TLS1.2 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server","Enabled","","","","","4294967295","=","High"
"1017","TLS Settings - Protocols","Server - Check if TLS1.2 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server","Disabledbydefault","","","","","0","=","High"
"1018","TLS Settings - Protocols","Client - Check if TLS1.2 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client","Enabled","","","","","4294967295","=","High"
"1019","TLS Settings - Protocols","Client - Check if TLS1.2 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client","Disabledbydefault","","","","","0","=","High"
"1020","TLS Settings - Protocols","Server - Check if Multi-Protocol Unified Hello is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server","Enabled","","","","","0","=","High"
"1021","TLS Settings - Protocols","Server - Check if Multi-Protocol Unified Hello is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server","Disabledbydefault","","","","","1","=","High"
"1022","TLS Settings - Protocols","Client - Check if Multi-Protocol Unified Hello is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Client","Enabled","","","","","0","=","High"
"1023","TLS Settings - Protocols","Client - Check if Multi-Protocol Unified Hello is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Client","Disabledbydefault","","","","","1","=","High"
"1024","TLS Settings - Protocols","Server - Check if PCT1.0 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server","Enabled","","","","","0","=","High"
"1025","TLS Settings - Protocols","Server - Check if PCT1.0 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server","Disabledbydefault","","","","","1","=","High"
"1026","TLS Settings - Protocols","Client - Check if PCT1.0 is Enabled","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Client","Enabled","","","","","0","=","High"
"1027","TLS Settings - Protocols","Client - Check if PCT1.0 is Disabledbydefault","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Client","Disabledbydefault","","","","","1","=","High"
"1028","TLS Settings - Ciphers","Check for DES 56/56","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56/56","Enabled","","","","","0","=","High"
"1029","TLS Settings - Ciphers","Check for NULL","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\NULL","Enabled","","","","","0","=","High"
"1030","TLS Settings - Ciphers","Check for RC2 128/128","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 128/128","Enabled","","","","","0","=","High"
"1031","TLS Settings - Ciphers","Check for RC2 40/128","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40/128","Enabled","","","","","0","=","High"
"1032","TLS Settings - Ciphers","Check for RC2 56/128","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 56/128","Enabled","","","","","0","=","High"
"1033","TLS Settings - Ciphers","Check for RC4 128/128","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128","Enabled","","","","","0","=","High"
"1034","TLS Settings - Ciphers","Check for RC4 40/128","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128","Enabled","","","","","0","=","High"
"1035","TLS Settings - Ciphers","Check for RC4 56/128","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128","Enabled","","","","","0","=","High"
"1036","TLS Settings - Ciphers","Check for RC4 64/128","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128","Enabled","","","","","0","=","High"
"1037","TLS Settings - Ciphers","Check for Triple DES 168","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168","Enabled","","","","","0","=","High"
"1038","TLS Settings - Ciphers","Check for Secure Cipher AES 128/128","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\AES 128/128","Enabled","","","","","4294967295","=","High"
"1039","TLS Settings - Ciphers","Check for Secure Cipher AES 256/256","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\AES 256/256","Enabled","","","","","4294967295","=","High"
"1040","TLS Settings - Hashes","Check for MD5","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\MD5","Enabled","","","","","0","=","High"
"1041","TLS Settings - Hashes","Check for SHA-1","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA","Enabled","","","","","0","=","High"
"1042","TLS Settings - Hashes","Check for SHA-256","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA256","Enabled","","","","","4294967295","=","High"
"1043","TLS Settings - Hashes","Check for SHA-384","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA384","Enabled","","","","","4294967295","=","High"
"1044","TLS Settings - Hashes","Check for SHA-512","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA512","Enabled","","","","","4294967295","=","High"
"1045","TLS Settings - KeyExchangeAlgorithms ","Check for DH Status","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman","Enabled","","","","","4294967295","=","High"
"1046","TLS Settings - KeyExchangeAlgorithms ","Check for DH ServerMinKeyBitLength","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman","ServerMinKeyBitLength","","","","","2048",">=","High"
"1047","TLS Settings - KeyExchangeAlgorithms ","Check for DH ClientMinKeyBitLength","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman","ClientMinKeyBitLength","","","","","2048",">=","High"
"1048","TLS Settings - KeyExchangeAlgorithms ","Check for ECDH Status","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\ECDH","Enabled","","","","","4294967295","=","High"
"1049","TLS Settings - KeyExchangeAlgorithms ","Check for PKCS Status","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\PKCS","Enabled","","","","","4294967295","=","High"
"1050","TLS Settings - KeyExchangeAlgorithms ","Check for PKCS ClientMinKeyBitLength","Registry","","HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\PKCS","ClientMinKeyBitLength","","","","","2048",">=","High"
"1051","TLS Settings - other","Check for Cipher Order / Perfect Forward Secrecy","Registry","","HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002","Functions","","","","","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","=","High"
"1052","TLS Settings - other","NETFramework v4.0.30319 SystemDefaultTlsVersions","Registry","","HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319","SystemDefaultTlsVersions","","","","","1","=","High"
"1053","TLS Settings - other","NETFramework v4.0.30319 SchUseStrongCrypto","Registry","","HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319","SchUseStrongCrypto","","","","","1","=","High"

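The finding list above is only data; what makes it an audit is the evaluation of each row against the live registry. The following PowerShell script is an added example, not HardeningKitty's own code: it reads a CSV in the exact column layout posted above (assumed to be saved as `.\finding_list_tls.csv`), handles only the `Registry` method, and applies the `=` and `>=` operators. One detail worth seeing in code is the `4294967295` recommended value: SCHANNEL stores `Enabled` as a REG_DWORD of `0xFFFFFFFF`, which PowerShell reads back as the signed Int32 `-1`, so the actual value has to be widened and masked before it can be compared with the list. A value that is absent from the registry is reported as `NotConfigured` rather than `Failed`, because the OS default then applies and that default differs between Windows versions.

```powershell
# Added example, not HardeningKitty's own code: evaluate a finding list in the
# CSV layout posted in this issue against the local registry.
# Assumptions: the CSV is saved as .\finding_list_tls.csv; only Method=Registry
# rows are handled; run in an elevated session so HKLM policy keys are readable.
param(
    [string]$FindingList = ".\finding_list_tls.csv"
)

function ConvertTo-UnsignedDword {
    # REG_DWORD comes back as a signed Int32, so 0xFFFFFFFF reads as -1.
    # Widen to Int64 and mask with the decimal literal (a hex 0xFFFFFFFF literal
    # would itself be parsed as Int32 -1) so it compares equal to "4294967295".
    param($Value)
    if ($Value -is [int32]) { return ([int64]$Value -band 4294967295) }
    return $Value
}

function Test-Finding {
    param([pscustomobject]$Finding)

    $actual = $null
    if (Test-Path -LiteralPath $Finding.RegistryPath) {
        $props = Get-ItemProperty -LiteralPath $Finding.RegistryPath -ErrorAction SilentlyContinue
        # Property lookup is case-insensitive, so "Disabledbydefault" in the list
        # matches the DisabledByDefault value name in the registry.
        if ($null -ne $props -and $null -ne $props.PSObject.Properties[$Finding.RegistryItem]) {
            $actual = ConvertTo-UnsignedDword $props.($Finding.RegistryItem)
        }
    }

    if ($null -eq $actual) {
        # Key or value missing: the Windows default for this OS build applies.
        $result = 'NotConfigured'
    } else {
        $result = switch ($Finding.Operator) {
            '='  { if ("$actual" -eq $Finding.RecommendedValue) { 'Passed' } else { 'Failed' } }
            '>=' { if ([int64]$actual -ge [int64]$Finding.RecommendedValue) { 'Passed' } else { 'Failed' } }
            default { 'UnknownOperator' }
        }
    }

    [pscustomobject]@{
        ID          = $Finding.ID
        Result      = $result
        Severity    = $Finding.Severity
        Name        = $Finding.Name
        Actual      = $actual
        Recommended = $Finding.RecommendedValue
    }
}

Import-Csv -LiteralPath $FindingList |
    Where-Object { $_.Method -eq 'Registry' } |
    ForEach-Object { Test-Finding $_ } |
    Format-Table ID, Result, Severity, Name, Actual, Recommended -AutoSize
```

String comparison with `-eq` is used for `=` so that the same code path serves DWORD rows (`0`, `1`, `4294967295`) and the REG_SZ `Functions` row, whose recommended value is the comma-separated cipher suite string; `>=` casts both sides to Int64 for the `MinKeyBitLength` rows.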
0x6d69636b commented 3 years ago

I like it. HardeningKitty has no specific scope, I'm up for anything that improves the security of Windows. I'll take a look at your list and add it to the repo.

0x6d69636b commented 3 years ago

I changed the categories and names, added some .NET findings. Here is the new list: https://github.com/0x6d69636b/windows_hardening/blob/master/lists/finding_list_microsoft_windows_tls.csv. What do you think?

Harvester57 commented 3 years ago

Depending on the minimum version of Windows it will run on, you could possibly add rules for TLS 1.3 support (W10 1903+)

0x6d69636b commented 3 years ago

Do you have any idea which TLSv1.3 cipher suites are supported in W10 1903+? As far as I know TLSv1.3 is only supported for testing purposes (source https://devblogs.microsoft.com/premier-developer/microsoft-tls-1-3-support-reference/). But I can add these checks and rate them as Low.

0x6d69636b commented 3 years ago

I found some information for cipher support in Windows Server 2022: https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-server-2022

Harvester57 commented 3 years ago

Like it's mentioned in your second link, the 3 standardized ciphers for TLS 1.3 are supported on W10 1903+ (AES256/AES128/ChaCha20).

ChaCha20 is disabled by default, but it should be possible to re-enable it by modifying the SSL cipher suite order with the related GPO/registry key: https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.CypherStrength::SSLCipherSuiteOrder

0x6d69636b commented 3 years ago

I've added TLSv1.3 to the list and added another cipher suite check with the new TLSv1.3 ciphers.

lordfiSh commented 3 years ago

Maybe there should be a Config for newer Windows Version (TLS1.3 + ChaCha20/Poly1305). For example the BSI (German Federal Office for Information Security) doesn't mention them in the Technical Guideline TR-02102-2 Cryptographic Mechanisms: Recommendations and Key Lengths

@0x6d69636b thanks for the clean-up of the config 👍

0x6d69636b commented 3 years ago

Hm, you might be right. I've created another list called Future Use with TLSv1.3 to avoid confusion when scanning "older" versions of Windows.

Harvester57 commented 3 years ago

> Maybe there should be a Config for newer Windows Version (TLS1.3 + ChaCha20/Poly1305). For example the BSI (German Federal Office for Information Security) doesn't mention them in the Technical Guideline TR-02102-2 Cryptographic Mechanisms: Recommendations and Key Lengths
>
> @0x6d69636b thanks for the clean-up of the config 👍

ChaCha20 (and its combination with Poly1305 for authenticated encryption) is recommended in the latest cryptographic recommendations by ANSSI (equiv. BSI in France, recommendations updated in March 2021): https://www.ssi.gouv.fr/uploads/2021/03/anssi-guide-selection_crypto-1.0.pdf

A specific guide regarding TLS connections was also updated in March 2020 to add recommendations related to TLS 1.3: https://www.ssi.gouv.fr/uploads/2017/07/anssi-guide-recommandations_de_securite_relatives_a_tls-v1.2.pdf

Also related to TLS configuration, should the CSV also mention the ECC curve order? On W10 systems, by default the order of priority is Curve25519, NIST P-256 and NIST P-384. Latest DISA STIGs for W10 systems recommend to swap P-256 and P-384 to prioritize higher bit-count curves, and most TLS hardening guides apply the same logic.

The related registry key is the following: https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.CypherStrength::SSLCurveOrder
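The two policies linked in this thread (SSL cipher suite order and ECC curve order) both write under `HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002`, but the effective order SCHANNEL actually uses is easier to read through the TLS cmdlets. The script below is an added example, not HardeningKitty's or the thread participants' code: it reads the effective cipher suite and curve order on a Windows 10 / Server 2016+ host (assumed: the `TLS` module with `Get-TlsCipherSuite` and `Get-TlsEccCurve` is present), checks the curve preference discussed above (`NistP384` ranked above `NistP256`) and the forward-secrecy ordering behind the `Functions` row of the finding list (every `ECDHE` suite ahead of every non-ECDHE TLS 1.2 suite, no RC4/3DES/NULL suites left), and shows the policy values next to the effective ones so a mismatch between "configured" and "in effect" is visible.

```powershell
# Added example, not HardeningKitty's own code: compare the effective TLS cipher
# suite order and ECC curve order with the preferences discussed in this issue.
# Assumptions: Windows 10 / Server 2016+ with the TLS module (Get-TlsCipherSuite,
# Get-TlsEccCurve); the policy value names Functions (REG_SZ) and EccCurves
# (REG_MULTI_SZ) are those written by the two admx.help policies linked above.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'

function Get-OrderIndex {
    # Position of $Name in $List (case-insensitive), or -1 when it is absent.
    param([string[]]$List, [string]$Name)
    for ($i = 0; $i -lt $List.Count; $i++) {
        if ($List[$i] -ieq $Name) { return $i }
    }
    return -1
}

function Test-CurveOrder {
    # Expected per the discussion above: NistP384 is enabled and ranked above NistP256.
    param([string[]]$Curves)
    $p384 = Get-OrderIndex -List $Curves -Name 'NistP384'
    $p256 = Get-OrderIndex -List $Curves -Name 'NistP256'
    if ($p384 -lt 0) { return 'Failed: NistP384 is not enabled' }
    if ($p256 -ge 0 -and $p256 -lt $p384) { return 'Failed: NistP256 is ranked above NistP384' }
    return 'Passed'
}

function Test-SuiteOrder {
    # Expected: no RC4/3DES/NULL suite, and every ECDHE suite ranked above every
    # non-ECDHE TLS 1.2 suite. TLS 1.3 suites (TLS_AES_*, TLS_CHACHA20_*) are
    # always forward-secret and are skipped by the ordering check.
    param([string[]]$Suites)
    $weak = @($Suites | Where-Object { $_ -match 'RC4|3DES|NULL' })
    if ($weak.Count -gt 0) { return "Failed: weak suites present ($($weak -join ', '))" }

    $lastEcdhe = -1
    $firstOther = -1
    for ($i = 0; $i -lt $Suites.Count; $i++) {
        if ($Suites[$i] -match '^TLS_(AES|CHACHA20)_') { continue }
        if ($Suites[$i] -match '_ECDHE_') { $lastEcdhe = $i }
        elseif ($firstOther -lt 0) { $firstOther = $i }
    }
    if ($firstOther -ge 0 -and $firstOther -lt $lastEcdhe) {
        return "Failed: non-ECDHE suite $($Suites[$firstOther]) is ranked above an ECDHE suite"
    }
    return 'Passed'
}

# Effective order as SCHANNEL applies it.
$curves = @(Get-TlsEccCurve)
$suites = @(Get-TlsCipherSuite | Select-Object -ExpandProperty Name)

# What the policy key says, if anything, for comparison with the effective values.
$policy = Get-ItemProperty -LiteralPath $PolicyKey -ErrorAction SilentlyContinue
$policyCurves = if ($policy -and $policy.EccCurves) { @($policy.EccCurves) -join ', ' } else { '(not configured)' }
$policySuites = if ($policy -and $policy.Functions) { $policy.Functions } else { '(not configured)' }

[pscustomobject]@{
    EffectiveCurveOrder = $curves -join ', '
    CurveOrderCheck     = Test-CurveOrder -Curves $curves
    CipherSuiteCheck    = Test-SuiteOrder -Suites $suites
    PolicyEccCurves     = $policyCurves
    PolicyFunctions     = $policySuites
} | Format-List
```

Reading both sources matters for an audit: a `Functions` or `EccCurves` policy value that is present but malformed, or that names a suite the OS build does not support, is silently ignored by SCHANNEL, so a check that only inspects the registry can pass while the effective order is still the default.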

0x6d69636b commented 3 years ago

I've added ECC Curve Order to the TLS lists and changed the category/name for ECC Curve Order and Cipher Suite, because both those options can be configured over an official Windows policy (Commit https://github.com/0x6d69636b/windows_hardening/commit/e7f679ed694895e9c1e9250f5c35d242a3e83d43).

Harvester57 commented 3 years ago

Sounds good!

Just for my own culture, what is the rationale you applied for the cipher suite order, at https://github.com/0x6d69636b/windows_hardening/blob/master/lists/finding_list_microsoft_windows_tls_future.csv#L46? Why ChaCha20, then AES128, then AES256?

0x6d69636b commented 3 years ago

I chose ChaCha20 first because of the recommendation from the OpenSSH config (see https://cipherlist.dev/ -> OpenSSH) and AES 128 before AES 256 because of the recommendation in the SSL and TLS Deployment Best Practices (see https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices#31-avoid-too-much-security). However, I see that it would be consistent to prefer AES 256 before AES 128, as this is also done in TLSv1.2. I'll switch those.