ntop / ntopng

Web-based Traffic and Security Network Traffic Monitoring
http://www.ntop.org
GNU General Public License v3.0
6.18k stars 648 forks

Drop SSLv3 support #1484

Closed emanuele-f closed 6 years ago

emanuele-f commented 6 years ago

Mongoose, the HTTP server used by ntopng, supports SSL 3.0 connections. SSL 3.0 is vulnerable to attacks, and as such should be dropped. This will prevent outdated clients (which still allow SSL 3.0) from negotiating the 3.0 version of the protocol.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

mongoose.cpp should be patched to avoid using the SSL 3.0 protocol. This should be enough to disable it:

opts |= SSL_OP_NO_SSLv3;
SSL_CTX_set_options(ctx->ssl_ctx, opts);
emanuele-f commented 6 years ago

Here is a list of SSL protocol versions considered insecure, with respect to the cipher used:

https://en.wikipedia.org/wiki/Transport_Layer_Security#Cipher

nanook72 commented 6 years ago

Ran the find but coming up empty. I installed this on a Security Onion system which is using apache2 for the web server.

emanuele-f commented 6 years ago

The patch must be done on the ntopng source. I think you probably installed ntopng from packages, so please wait for our patch.

nanook72 commented 6 years ago

Sounds good thank you so much for your help!

emanuele-f commented 6 years ago

This is fixed with commit f36a2b1dd5f49ea46d6389f16ca66b27bcba4764 . I tried scanning ntopng with https://github.com/mozilla/cipherscan/ and found in my case it was not offering SSLv3 certificate, so maybe it depended on software library used. Nevertheless, with the fix SSLv3 should always be avoided.

What scanner are you using to test ntopng? Can you double check tomorrow's version of ntopng please?

nanook72 commented 6 years ago

We are using Greenbone for the vulnerability scanner and my version is ntopng Community Edition v.3.0.170809

emanuele-f commented 6 years ago

Ok, thank you for the info

emanuele-f commented 6 years ago

@nanook72 I've ported the fix to 3.0 stable. Please try tomorrow's version of ntopng and report the scan result for this and for #1483. Thank you.

emanuele-f commented 6 years ago

@nanook72 any news? Have you tested the new release?

simonemainardi commented 6 years ago

an sslscan highlighted NO SSLv3 ciphers supported even without commit https://github.com/ntop/ntopng/commit/f36a2b1dd5f49ea46d6389f16ca66b27bcba4764

Simones-MacBook-Pro:code simone$ sslscan --ssl3 devel:3002
Version: 1.11.10
OpenSSL 1.0.2l  25 May 2017

OpenSSL version does not support SSLv2
SSLv2 ciphers will not be detected

Testing SSL server devel on port 3002 using SNI name devel

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

  Heartbleed:
All TLS protocols disabled, cannot check for heartbleed.

  Supported Server Cipher(s):

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048

Subject:  /C=IT/ST=Some-State/O=ntop.org
Issuer:   /C=IT/ST=Some-State/O=ntop.org
Not valid before: Oct 10 15:55:47 2015 GMT
Not valid after:  Oct  9 15:55:47 2016 GMT
Simones-MacBook-Pro:code simone$ sslscan devel:3002
Version: 1.11.10
OpenSSL 1.0.2l  25 May 2017

OpenSSL version does not support SSLv2
SSLv2 ciphers will not be detected

Testing SSL server devel on port 3002 using SNI name devel

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.2  256 bits  AES256-GCM-SHA384
Accepted  TLSv1.2  256 bits  AES256-SHA256
Accepted  TLSv1.2  256 bits  AES256-SHA
Accepted  TLSv1.2  256 bits  CAMELLIA256-SHA
Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256
Accepted  TLSv1.2  128 bits  AES128-SHA256
Accepted  TLSv1.2  128 bits  AES128-SHA
Accepted  TLSv1.2  128 bits  CAMELLIA128-SHA
Preferred TLSv1.1  256 bits  AES256-SHA
Accepted  TLSv1.1  256 bits  CAMELLIA256-SHA
Accepted  TLSv1.1  128 bits  AES128-SHA
Accepted  TLSv1.1  128 bits  CAMELLIA128-SHA

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048

Subject:  /C=IT/ST=Some-State/O=ntop.org
Issuer:   /C=IT/ST=Some-State/O=ntop.org
Not valid before: Oct 10 15:55:47 2015 GMT
Not valid after:  Oct  9 15:55:47 2016 GMT
Simones-MacBook-Pro:code simone$

@emanuele-f how can you say we offer SSLv3 with mongoose?
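The two sslscan runs above are the evidence both sides are arguing from, so it is worth turning that output into a repeatable check: parse the "Supported Server Cipher(s)" section, list which protocol versions the server actually accepted, and flag SSLv3 (the subject of this issue and of the `SSL_OP_NO_SSLv3` patch) separately from the TLS 1.0/1.1 versions that were deprecated later by RFC 8996. This is an added example written for this page, not code from ntopng, mongoose or sslscan; the `SAMPLE_DEVEL` text is the cipher section from the `sslscan devel:3002` run posted above, while `SAMPLE_WEAK` is a constructed variant with SSLv3 lines in sslscan's format, used only to show what a failing scan looks like.

```python
"""Parse sslscan (1.11.x) text output and report which SSL/TLS protocol
versions a server accepted. Added example for this thread; not ntopng,
mongoose or sslscan code."""
import re
import sys

# Versions this issue is about (POODLE applies to SSLv3; SSLv2 is older still).
INSECURE_VERSIONS = {"SSLv2", "SSLv3"}
# Versions deprecated later by RFC 8996; worth reporting, but outside this issue's scope.
DEPRECATED_VERSIONS = {"TLSv1.0", "TLSv1.1"}

# Matches the "Supported Server Cipher(s)" lines, e.g.
#   Preferred TLSv1.2  256 bits  AES256-GCM-SHA384
CIPHER_LINE = re.compile(
    r"^\s*(?P<status>Preferred|Accepted)\s+"
    r"(?P<proto>SSLv[23]|TLSv1(?:\.[0-3])?)\s+"
    r"(?P<bits>\d+)\s+bits\s+(?P<cipher>\S+)\s*$"
)


def parse_sslscan(output):
    """Return {protocol: [(cipher, bits), ...]} in the order sslscan printed them."""
    offered = {}
    for line in output.splitlines():
        m = CIPHER_LINE.match(line)
        if m:
            offered.setdefault(m["proto"], []).append((m["cipher"], int(m["bits"])))
    return offered


def insecure_protocols(output):
    """Protocol versions the server accepted that should never be offered."""
    return sorted(p for p in parse_sslscan(output) if p in INSECURE_VERSIONS)


def deprecated_protocols(output):
    """Protocol versions accepted that are deprecated but not the subject of this issue."""
    return sorted(p for p in parse_sslscan(output) if p in DEPRECATED_VERSIONS)


def sslv3_refused(output):
    """True when the scan lists no SSLv3 cipher at all.

    In the thread's `sslscan --ssl3` run the cipher list is empty and the
    Heartbleed section prints 'All TLS protocols disabled'; that is what a
    server rejecting SSLv3 looks like from the scanner's side."""
    return "SSLv3" not in parse_sslscan(output)


# Cipher section from the `sslscan devel:3002` run posted in this thread.
SAMPLE_DEVEL = """\
  Supported Server Cipher(s):
Preferred TLSv1.2  256 bits  AES256-GCM-SHA384
Accepted  TLSv1.2  256 bits  AES256-SHA256
Accepted  TLSv1.2  256 bits  AES256-SHA
Accepted  TLSv1.2  256 bits  CAMELLIA256-SHA
Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256
Accepted  TLSv1.2  128 bits  AES128-SHA256
Accepted  TLSv1.2  128 bits  AES128-SHA
Accepted  TLSv1.2  128 bits  CAMELLIA128-SHA
Preferred TLSv1.1  256 bits  AES256-SHA
Accepted  TLSv1.1  256 bits  CAMELLIA256-SHA
Accepted  TLSv1.1  128 bits  AES128-SHA
Accepted  TLSv1.1  128 bits  CAMELLIA128-SHA
"""

# Constructed output (not from the thread) for a server that still accepts
# SSLv3, in the line format sslscan uses; this is what a scanner would flag.
SAMPLE_WEAK = SAMPLE_DEVEL + """\
Preferred SSLv3    256 bits  AES256-SHA
Accepted  SSLv3    128 bits  RC4-SHA
"""


def report(output):
    """Summarise one scan: what was offered and what needs fixing."""
    return {
        "offered": sorted(parse_sslscan(output)),
        "insecure": insecure_protocols(output),
        "deprecated": deprecated_protocols(output),
    }


if __name__ == "__main__":
    # Usage: sslscan host:3000 | python check_sslscan.py
    print(report(sys.stdin.read()))
```

Pipe a real scan of the ntopng port into it (`sslscan host:3000 | python check_sslscan.py`) and an empty `insecure` list is the result a Greenbone-style SSLv3 finding should disappear with. Note the caveat raised in this thread: a scanner can only negotiate SSLv3 if the OpenSSL it is built against still supports it, so a scan from a host whose OpenSSL lacks SSLv3 will report "not offered" regardless of the server, which is why setting `SSL_OP_NO_SSLv3` server-side is the fix to rely on rather than the scan result alone.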

emanuele-f commented 6 years ago

As discussed, the SSLv3 support availability is probably dependent on the openssl version installed on the system. I'm closing the issue for now. @nanook72 if you have news please feel free to comment. Thanks

nanook72 commented 6 years ago

I understand what you’re saying and I have disabled it in apache configs for anything running on 443.  However the vulnerability scans point specifically port 3000 which ntop is running on and I need to disable SSL3 for that.

emanuele-f commented 6 years ago

With my patch above SSL3 should be disabled no matter what library version you run. Please update and check it out.