SSL – Windows Server 2012 R2 IIS Weak Ciphers Reported After Lockdown

Tags: iis-8.5, pci-dss, ssl, windows-server-2012-r2

I am having issues getting a Windows Server 2012 R2 64-bit box locked down. I used a tool called IISCrypto to make the box FIPS 140 compliant.

I have manually checked the registry entries and all the weak ciphers look disabled but Retina Network Scanner Community still reports IIS as supporting weak ciphers (Enabled=0).

When I run SSLScan, I get the following:

Testing SSL server 127.0.0.1 on port 443
Supported Server Cipher(s):

Failed    SSLv2  168 bits  DES-CBC3-MD5
Failed    SSLv2   56 bits  DES-CBC-MD5
Failed    SSLv2  128 bits  IDEA-CBC-MD5
Failed    SSLv2   40 bits  EXP-RC2-CBC-MD5
Failed    SSLv2  128 bits  RC2-CBC-MD5
Failed    SSLv2   40 bits  EXP-RC4-MD5
Failed    SSLv2  128 bits  RC4-MD5
Failed    SSLv3  256 bits  ADH-AES256-SHA
Failed    SSLv3  256 bits  DHE-RSA-AES256-SHA
Failed    SSLv3  256 bits  DHE-DSS-AES256-SHA
Failed    SSLv3  256 bits  AES256-SHA
Failed    SSLv3  128 bits  ADH-AES128-SHA
Failed    SSLv3  128 bits  DHE-RSA-AES128-SHA
Failed    SSLv3  128 bits  DHE-DSS-AES128-SHA
Failed    SSLv3  128 bits  AES128-SHA
Failed    SSLv3  168 bits  ADH-DES-CBC3-SHA
Failed    SSLv3   56 bits  ADH-DES-CBC-SHA
Failed    SSLv3   40 bits  EXP-ADH-DES-CBC-SHA
Failed    SSLv3  128 bits  ADH-RC4-MD5
Failed    SSLv3   40 bits  EXP-ADH-RC4-MD5
Failed    SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
Failed    SSLv3   56 bits  EDH-RSA-DES-CBC-SHA
Failed    SSLv3   40 bits  EXP-EDH-RSA-DES-CBC-SHA
Failed    SSLv3  168 bits  EDH-DSS-DES-CBC3-SHA
Failed    SSLv3   56 bits  EDH-DSS-DES-CBC-SHA
Failed    SSLv3   40 bits  EXP-EDH-DSS-DES-CBC-SHA
Failed    SSLv3  168 bits  DES-CBC3-SHA
Failed    SSLv3   56 bits  DES-CBC-SHA
Failed    SSLv3   40 bits  EXP-DES-CBC-SHA
Failed    SSLv3  128 bits  IDEA-CBC-SHA
Failed    SSLv3   40 bits  EXP-RC2-CBC-MD5
Failed    SSLv3  128 bits  RC4-SHA
Failed    SSLv3  128 bits  RC4-MD5
Failed    SSLv3   40 bits  EXP-RC4-MD5
Failed    SSLv3    0 bits  NULL-SHA
Failed    SSLv3    0 bits  NULL-MD5
Failed    TLSv1  256 bits  ADH-AES256-SHA
Failed    TLSv1  256 bits  DHE-RSA-AES256-SHA
Failed    TLSv1  256 bits  DHE-DSS-AES256-SHA
Accepted  TLSv1  256 bits  AES256-SHA
Failed    TLSv1  128 bits  ADH-AES128-SHA
Failed    TLSv1  128 bits  DHE-RSA-AES128-SHA
Failed    TLSv1  128 bits  DHE-DSS-AES128-SHA
Accepted  TLSv1  128 bits  AES128-SHA
Failed    TLSv1  168 bits  ADH-DES-CBC3-SHA
Failed    TLSv1   56 bits  ADH-DES-CBC-SHA
Failed    TLSv1   40 bits  EXP-ADH-DES-CBC-SHA
Failed    TLSv1  128 bits  ADH-RC4-MD5
Failed    TLSv1   40 bits  EXP-ADH-RC4-MD5
Failed    TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
Failed    TLSv1   56 bits  EDH-RSA-DES-CBC-SHA
Failed    TLSv1   40 bits  EXP-EDH-RSA-DES-CBC-SHA
Failed    TLSv1  168 bits  EDH-DSS-DES-CBC3-SHA
Failed    TLSv1   56 bits  EDH-DSS-DES-CBC-SHA
Failed    TLSv1   40 bits  EXP-EDH-DSS-DES-CBC-SHA
Accepted  TLSv1  168 bits  DES-CBC3-SHA
Failed    TLSv1   56 bits  DES-CBC-SHA
Failed    TLSv1   40 bits  EXP-DES-CBC-SHA
Failed    TLSv1  128 bits  IDEA-CBC-SHA
Failed    TLSv1   40 bits  EXP-RC2-CBC-MD5
Failed    TLSv1  128 bits  RC4-SHA
Failed    TLSv1  128 bits  RC4-MD5
Failed    TLSv1   40 bits  EXP-RC4-MD5
Failed    TLSv1    0 bits  NULL-SHA
Failed    TLSv1    0 bits  NULL-MD5

Prefered Server Cipher(s):

TLSv1  256 bits  AES256-SHA

What am I missing? Thanks

Best Answer

Well, DES-CBC3-SHA is ambiguous because it doesn't list the key exchange algorithm (pretty sure RSA is implied there), but that's probably what Retina's complaining about. Even though it says DES (which is certainly NOT FIPS compliant), I'm relatively certain that it's actually referring to 3DES (triple DES) because of the 168-bit key, which is 56x3. It's just a bad label all the way around.

If Retina were a better tool, it would tell you exactly what it was complaining about.

The problem with using tools like IISCrypto is that you don't know what it's really doing behind the scenes.

Also, are you sure that you're using a version of SSLScan that has been updated for TLS 1.1 and 1.2? There are versions floating around out there that stop at TLS 1.0. In that case, you might want to check with a more up to date tool like SharpTLSScan: https://www.myotherpcisacloud.com/post/sharptlsscan-v12

You should have at least some TLS 1.1 and 1.2 ciphers enabled on Server 2012 R2 by default, which is what makes me wonder whether your version of SSLScan is out of date and doesn't scan for the newer protocol versions.

In any event, you really want to enable TLS 1.1 and 1.2. TLS 1.0 is approaching the end of its useful life very quickly.
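A triage script for the scan output above, as an added example that is neither the poster's nor the answerer's code: it parses SSLScan rows, marks which accepted suites a scanner would flag and why (including that 168-bit DES-CBC3-SHA is really 3DES, 3 x 56), and checks whether the scan probed TLS 1.1/1.2 at all. It assumes the row layout shown in the question and that newer sslscan builds label the newer protocols "TLSv1.1" and "TLSv1.2".

```python
import re

# Constructed excerpt of the SSLScan output quoted in the question (not a live scan).
SAMPLE_SCAN = """\
Failed    SSLv3   56 bits  DES-CBC-SHA
Failed    SSLv3    0 bits  NULL-SHA
Accepted  TLSv1  256 bits  AES256-SHA
Accepted  TLSv1  128 bits  AES128-SHA
Accepted  TLSv1  168 bits  DES-CBC3-SHA
"""
# One result row: status, protocol, key size, OpenSSL-style suite name.
LINE_RE = re.compile(r"^(Accepted|Failed)\s+(\S+)\s+(\d+) bits\s+(\S+)$")

def classify(name, bits):
    """Why an accepted suite draws a finding, or None if it is fine (no prefix = RSA kx)."""
    if bits == 0 or name.startswith("NULL"):
        return "no encryption"
    if name.startswith("EXP"):
        return "export-grade key"
    if "ADH" in name:
        return "anonymous DH (no server authentication)"
    if "RC4" in name:
        return "RC4"
    if name.endswith("MD5"):
        return "MD5 MAC"
    if "DES-CBC3" in name:
        # 168 = 3 x 56, so this is 3DES (effective strength 112 bits), not single DES;
        # the misleading 'DES' in the name is what scanner checks latch onto.
        return "3DES (labelled DES; 168 = 3x56)"
    if "DES-CBC" in name and bits == 56:
        return "single DES"
    return None

def triage(scan_text):
    """Parse SSLScan output into ({(protocol, suite): concern}, {protocols probed})."""
    findings, protocols = {}, set()
    for line in scan_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # headers and the 'Prefered' row carry no status column
        status, proto, bits, name = m.group(1), m.group(2), int(m.group(3)), m.group(4)
        protocols.add(proto)
        if status == "Accepted":
            findings[(proto, name)] = classify(name, bits)
    return findings, protocols

def scanner_probed_modern_tls(protocols):
    """False when no TLS 1.1/1.2 rows exist, i.e. the scanner is too old to trust.
    Assumes newer sslscan labels those rows 'TLSv1.1' / 'TLSv1.2'."""
    return any(p.startswith("TLSv1.") for p in protocols)
```

Run `triage(SAMPLE_SCAN)` to get the accepted suites with their concerns, then pass the protocol set to `scanner_probed_modern_tls` before trusting a "no TLS 1.2" result.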