search

isvsecwatch / httpstracker

Our main issue tracker for ISV security issues, such as the SSL/TLS configuration of their online stores.
3 stars 0 forks source link

host.al - main website #43

Closed sindarina closed 8 years ago

sindarina commented 9 years ago

SSL Server Test Results https://www.ssllabs.com/ssltest/analyze.html?d=host.al (B)

Cipherscan Results

Target: host.al:443

prio  ciphersuite                  protocols              pfs_keysize
1     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits
2     ECDHE-RSA-AES256-SHA384      TLSv1.2                ECDH,P-256,256bits
3     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
4     DHE-RSA-AES256-GCM-SHA384    TLSv1.2                DH,1024bits
5     DHE-RSA-AES256-SHA256        TLSv1.2                DH,1024bits
6     DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
7     DHE-RSA-CAMELLIA256-SHA      TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
8     AES256-GCM-SHA384            TLSv1.2
9     AES256-SHA256                TLSv1.2
10    AES256-SHA                   TLSv1,TLSv1.1,TLSv1.2
11    CAMELLIA256-SHA              TLSv1,TLSv1.1,TLSv1.2
12    ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                ECDH,P-256,256bits
13    ECDHE-RSA-AES128-SHA256      TLSv1.2                ECDH,P-256,256bits
14    ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
15    DHE-RSA-AES128-GCM-SHA256    TLSv1.2                DH,1024bits
16    DHE-RSA-AES128-SHA256        TLSv1.2                DH,1024bits
17    DHE-RSA-AES128-SHA           TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
18    DHE-RSA-SEED-SHA             TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
19    DHE-RSA-CAMELLIA128-SHA      TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
20    AES128-GCM-SHA256            TLSv1.2
21    AES128-SHA256                TLSv1.2
22    AES128-SHA                   TLSv1,TLSv1.1,TLSv1.2
23    SEED-SHA                     TLSv1,TLSv1.1,TLSv1.2
24    CAMELLIA128-SHA              TLSv1,TLSv1.1,TLSv1.2
25    ECDHE-RSA-RC4-SHA            TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
26    RC4-SHA                      TLSv1,TLSv1.1,TLSv1.2
27    ECDHE-RSA-DES-CBC3-SHA       TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
28    EDH-RSA-DES-CBC3-SHA         TLSv1,TLSv1.1,TLSv1.2  DH,1024bits
29    DES-CBC3-SHA                 TLSv1,TLSv1.1,TLSv1.2

Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature
TLS ticket lifetime hint: 300
OCSP stapling: not supported
Client side cipher ordering

Cipherscan Analysis

host.al:443 has bad ssl/tls

Things that are bad:
* remove cipher DHE-RSA-SEED-SHA
* remove cipher SEED-SHA
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher RC4-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA

Changes needed to match the intermediate level:
* remove cipher DHE-RSA-SEED-SHA
* remove cipher SEED-SHA
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher RC4-SHA
* remove cipher ECDHE-RSA-DES-CBC3-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* consider using DHE of at least 2048bits and ECC of at least 256bits
* consider enabling OCSP Stapling
* enforce server side ordering

Changes needed to match the modern level:
* remove cipher DHE-RSA-CAMELLIA256-SHA
* remove cipher AES256-GCM-SHA384
* remove cipher AES256-SHA256
* remove cipher AES256-SHA
* remove cipher CAMELLIA256-SHA
* remove cipher DHE-RSA-SEED-SHA
* remove cipher DHE-RSA-CAMELLIA128-SHA
* remove cipher AES128-GCM-SHA256
* remove cipher AES128-SHA256
* remove cipher AES128-SHA
* remove cipher SEED-SHA
* remove cipher CAMELLIA128-SHA
* remove cipher ECDHE-RSA-RC4-SHA
* remove cipher RC4-SHA
* remove cipher ECDHE-RSA-DES-CBC3-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* remove cipher DES-CBC3-SHA
* disable TLSv1
* use DHE of at least 2048bits and ECC of at least 256bits
* consider enabling OCSP Stapling
* enforce server side ordering

See our recommendations for optimising your configuration: https://github.com/isvsecwatch/httpstracker

sindarina commented 9 years ago

Notified via contact form; https://www.host.al/contact Poked on Twitter; https://twitter.com/isvsecwatch/status/600276083011891200

sindarina commented 9 years ago

In light of the details of the Logjam attack (https://weakdh.org/), we are upgrading 1024-bit DH keys to a red level issue that should be resolved, as that key size puts it within reach of state-level adversaries and is no longer considered safe.

See https://github.com/isvsecwatch/httpstracker#a-note-on-dhdhe for details.

sindarina commented 9 years ago

No change.

sindarina commented 9 years ago

No change.

sindarina commented 9 years ago

No change.

sindarina commented 9 years ago

It looks like they fixed the DH key size, but ignored the problems with client-side cipher ordering, and the lack of robust Forward Secrecy; https://www.ssllabs.com/ssltest/analyze.html?d=host.al

sindarina commented 9 years ago

No change.

isvsecwatch-report commented 8 years ago

Unlikely to have changed, closing as unresolved.