Security: Glassfish SSLv3 and TLS Renegotiation

What does Oracle say about the SSLv3 and TLS renegotiation vulnerability?
Source: Transport Layer Security (TLS) Renegotiation Issue Readme - http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html

How do you check whether your server is vulnerable?

Example 4 Checking for Client-initiated Renegotiation and Secure Renegotiation via openssl (manually)

OpenSSL [30] can be used to test SSL/TLS manually. In this example the tester tries to initiate a renegotiation from the client [m] by connecting to the server with openssl. The tester then writes the first line of an HTTP request and types “R” on a new line, waits for the renegotiation and the completion of the HTTP request, and checks whether secure renegotiation is supported by looking at the server output. Using manual requests it is also possible to see whether compression is enabled for TLS and to check for CRIME [13], for ciphers and for other vulnerabilities.
$ openssl s_client -connect www2.example.com:443
CONNECTED(00000003)
depth=2 ******
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:******
   i:******
 1 s:******
   i:******
 2 s:******
   i:******
---
Server certificate
-----BEGIN CERTIFICATE-----
******
-----END CERTIFICATE-----
subject=******
issuer=******
---
No client certificate CA names sent
---
SSL handshake has read 3558 bytes and written 640 bytes
---
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DES-CBC3-SHA
    Session-ID: ******
    Session-ID-ctx: 
    Master-Key: ******
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: ******
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---

Now the tester can write the first line of an HTTP request and then R in a new line.
HEAD / HTTP/1.1
R
Server is renegotiating
RENEGOTIATING
depth=2 C******
verify error:num=20:unable to get local issuer certificate
verify return:0
The tester can then complete the request and check for a response.
HEAD / HTTP/1.1

HTTP/1.1 403 Forbidden ( The server denies the specified Uniform Resource Locator (URL). Contact the server administrator.  )
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 1792  

read:errno=0
Even if the HEAD request is not permitted, client-initiated renegotiation is permitted.

How do you check this for Glassfish?

If the server is not vulnerable, it should show the following result:
---
GET / HTTP/1.0
R
RENEGOTIATING
140735300143548:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:591:
:~$

Example:
$ openssl s_client -connect scottlinux.com:443
CONNECTED(00000003)
depth=0 CN = li166-66.members.linode.com
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = li166-66.members.linode.com
verify return:1
---
Certificate chain
 0 s:/CN=li166-66.members.linode.com
   i:/CN=li166-66.members.linode.com
---
Server certificate
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
subject=/CN=li166-66.members.linode.com
issuer=/CN=li166-66.members.linode.com
---
No client certificate CA names sent
---
SSL handshake has read 1205 bytes and written 409 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: E94F5D1CB4CD23EFEB64DD869FD9E0120043C788AFA706DF106905E54E6C7163
    Session-ID-ctx: 
    Master-Key: 212EC6D6BB98CF4766B4AD42142F5C3283EFF2564172710EE26415D50FF99B7DC197B1CAC552A18D7674490A224CBF92
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    TLS session ticket:

    Compression: 1 (zlib compression)
    Start Time: 1320370833
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
GET / HTTP/1.0
R
RENEGOTIATING
140735300143548:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:591:
:~$
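
The manual check above, automated as an added example (not part of the original post): a POSIX shell function that reads a saved `openssl s_client` transcript and reports whether secure renegotiation is advertised, whether the client-initiated renegotiation was accepted or refused, and the compression setting. The function name, the output format and the abbreviated sample transcripts are assumptions made for illustration; it matches only the message strings shown on this page.

```sh
#!/bin/sh
# Added example: classify a saved `openssl s_client` transcript read from stdin.
classify_transcript() {
    awk '
        /^Secure Renegotiation IS NOT supported/ { secure = "no" }
        /^Secure Renegotiation IS supported/     { secure = "yes" }
        # Top-level line only; the indented SSL-Session copy is ignored.
        /^Compression: / { sub(/^Compression: /, ""); comp = $0 }
        /^RENEGOTIATING/ { tried = 1; next }
        # After "R": a handshake failure means the request was refused.
        tried && /ssl handshake failure/ { refused = 1 }
        # An HTTP status line means the session survived renegotiation.
        tried && index($0, "HTTP/") == 1 && $2 ~ /^[0-9]+$/ { answered = 1 }
        END {
            if (!secure) secure = "unknown"
            if (!comp) comp = "unknown"
            if (!tried) reneg = "not_tested"
            else if (refused) reneg = "rejected"
            else if (answered) reneg = "accepted"
            else reneg = "inconclusive"
            printf "secure_reneg=%s client_reneg=%s compression=%s\n", secure, reneg, comp
        }'
}
# Abbreviated from the first session on this page (renegotiation went through).
sample_renegotiated() {
cat <<'EOF'
Secure Renegotiation IS NOT supported
Compression: NONE
HEAD / HTTP/1.1
R
RENEGOTIATING
HEAD / HTTP/1.1
HTTP/1.1 403 Forbidden
EOF
}
# Abbreviated from the second session (server refused the renegotiation).
sample_refused() {
cat <<'EOF'
Secure Renegotiation IS supported
Compression: zlib compression
GET / HTTP/1.0
R
RENEGOTIATING
140735300143548:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:591:
EOF
}
sample_renegotiated | classify_transcript
sample_refused | classify_transcript
```

Running it on transcripts captured from inside and from outside the network makes the firewall case in the note that follows easy to spot: the two runs report different `client_reneg` values for the same server.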



XXX:
If you test from your local network, your server may turn out not to be vulnerable, yet others may still report it as vulnerable. In that case there may be a firewall between whoever runs the test and the server, and it is the firewall that is renegotiating. Look up the relevant information for your firewall; in the case of TMG this link may be useful: Improving SSL Security for Forefront Threat Management Gateway (TMG) 2010 Published Web Sites -> http://www.isaserver.org/articles-tutorials/configuration-security/improving-ssl-security-forefront-threat-management-gateway-tmg-2010-published-web-sites.html







