POODLE Ciphers and SSLv3 – Resolving Protocol or Cipher Suite Mismatch

opensslpoodlepound

According to: ANNOUNCE: Pound – reverse proxy and load balancer – v2.7d / Robert Segall , following enhancement was added:

- added "Disable PROTO" directives (fix for Poodle vulnerability)

My system:

[root@6svprx01 ~]# uname -a
Linux 6svprx01.XXX.org 2.6.32-504.el6.x86_64 #1 SMP Tue Sep 16 01:56:35 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux
[root@6svprx01 ~]# rpm -q Pound
Pound-2.6-2.el6.x86_64
[root@6svprx01 ~]# grep Ciphers /etc/pound.cfg
    Ciphers    "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:+MEDIUM"
[root@6svprx01 ~]#

… to address POODLE SSLv3, I added !SSLv3 into Ciphers.

Yet while using Qualys SSL Labs - Projects / SSL Server Test to test, I get Protocol or cipher suite mismatch in Handshake Simulation.

Is there a way to address this WITHOUT upgrading to Pound v2.7d (beta) and then using new directives?

Best Answer

one can use goochjj/pound at pcidss/v2.6 branch, which is Pound 2.6, plus cipher and protocol patches necessary (initially) to pass PCI compliance, and as part of that is the directive to disable SSL3.

# grep DisableSSL /etc/pound.cfg
    DisableSSLv3
    DisableSSLv2
#

* UPDATE *

DisableSSLv3 appears to be unknown directive using non-patched Version 2.6, use -SSLv3:-SSLv2 inside of Ciphers.

Related Solutions

Nginx – How to Mitigate POODLE While Keeping SSLv3 Support

As google writes on this blog entry http://googleonlinesecurity.blogspot.se/2014/10/this-poodle-bites-exploiting-ssl-30.html there is three ways of mitigating POODLE:

Disable SSL 3.0 support
Disable CBC-mode ciphers with SSL 3.0
Support TLS_FALLBACK_SCSV

The first two options breaks compatibility with old clients such as IE6 on XP. TLS_FALLBACK_SCSV depends on the browser supporting it, which at the moment only Chrome does, but Firefox will too soon. TLS_FALLBACK_SCSV requires the newly released OpenSSL 1.0.1j.

If possible you should disable SSL 3 support, but if you need to keep it around, this is how you can mitigate it, if you have OpenSSL 1.0.1j and nginx:

ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!CAMELLIA;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

This configuration of ciphers will provide forward secrecy in most browsers and mitigate POODLE+BEAST server side. It works by prioritizing RC4 over AES when faced with a SSL 3 or TLS 1.0 browser, thus avoiding the CBC mode. Browsers that are running TLS 1.1+ don't use RC4, which is not as secure as we'd like.

It currently gives an A rating on ssllabs, example of this in action: https://www.ssllabs.com/ssltest/analyze.html?d=s.nimta.com

Nginx sslv3 poodle disable

Here is a good Tutorial how to configure nginx with the best settings.

https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html

Your configuration for SSLv3 is correct.

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

In the post is a section for your ciphers.

ssl_ciphers 'AES256+EECDH:AES256+EDH';

Best Answer

Related Solutions

Nginx – How to Mitigate POODLE While Keeping SSLv3 Support

Nginx sslv3 poodle disable

Related Topic