11-04-2014 03:06 PM
Bare with me here, im learning as I go...
We are currently running our outgoing cipher as : AES256-SHA due to a requirement with a receiving party. We occasionally have an issue sending mail to a few other domains in which we have found disabling TLS fixes the issue. I have been unable to get in touch with the right people or people on the receiving end when this problem occurs to see if they have this cipher available. It appears that if they don't have it that TLS would fail based on this article http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117855-technote-esa-00.html as we have to have a matching cipher in order to send mail over TLS
Is there a way to remotely find out what Ciphers are available on a remote server? I have tired www.checktls.com but I would assume this negotiates and reports what it can use or negotiate not what is available for me to compare to.
It also looks like I can run multiple ciphers in a specified order but I cant follow the CLI guide it basically says pick one of the following which does not line up with the AES256-SHA setting that is in use..... how would I use AES256-SHA as the primary for my requirement and what other ones should I run that most platforms have and can negotiate with?
In SSLCONFIG I only see the following options when configuring the outgoing cipher, I don't see the one I am currently using or what I can potentially use?
1. SSL v2.
2. SSL v3
3. TLS v1
4. SSL v2 and v3
5. SSL v3 and TLS v1
6. SSL v2, v3 and TLS v1
I also don't understand why if TLS can not agree on a cipher why it would not revert to no TLS. My Default destination control for TLS Support is "Prefered" not required and would have applied to the few domains that I had to disable it for.
11-04-2014 03:36 PM
In the latest build (8.5.6-092).they put the ciphers in the gui, not really much better, but its there.
The syntax is from here: https://www.openssl.org/docs/apps/ciphers.html
My string is MEDIUM:HIGH:-SSLv2:-aNULL:@STRENGTH
Which means, add the medium ciphers (eg 128 bit), add the high strength ciphers (256), turn of all ssl2 ciphers, turn off null ciphers, sort by strength
If you want AES256-SHA first, you could try something like this
AES256-SHA:HIGH:MEDIUM:-SSLv2:-aNULL
Are you using a self-signed cert or the demo cert? some sites won't take a self-signed cert, or a cert that doesn't match the domain of the sending box
11-04-2014 04:58 PM
Thanks for the feedback, your example is great and somewhat what I thought was needed. I'm curious how one would pick which ciphers to use and which ones to avoid obviously there are vulnerabilities in many. Looking at the inbound settings - RC4-SHA:RC4-MD5:ALL which I believe is default, I am thinking along the lines of AES256-SHA:HIGH:MEDIUM and maybe using :ALL which would be better than nothing to negotiate with older systems. Do you know the default value?
We have a VeriSign Cert.
Any thought on how to query a receiving mail server for available ciphers?
BTW build 8.5.6-074 has it in the GUI too.
11-04-2014 07:19 PM
You don't want to use ALL as there are some that are so weak as to be as if you were using nothing. There's a decent discussion of cipher selection here: http://security.stackexchange.com/questions/7440/what-ciphers-should-i-use-in-my-web-server-after-i-configure-my-ssl-certificate.
Not completely applicable but its a start.
I have to do some digging on querying a server on cipher suite support...
11-05-2014 06:59 AM
Here's how to tell what ciphers the other side supports...
http://security.stackexchange.com/questions/58857/test-starttls-configuration-of-smtp-server
11-05-2014 02:44 PM
You should check out the cli command "tlsverify" also...
11-05-2014 05:19 PM
Thanks for pointing that out, I had played with that command a bit already and is a good tool to use to test TLS after I change the Ciphers.
12-28-2015 01:06 AM
Hi, can u help me with ciphers.
I have 9.7.0 AsyncOS, TLS v1/TLS v1.2 (SSL is disabled) and default ciphers RC4-SHA:RC4-MD5:ALL:-aNULL:-EXPORT.
I made scan for vulnerabilities, and report recommendation is to disable RC4.
How correctly disable RC4 and what is better to enable in ciphers now?
Something like this MEDIUM:HIGH:-aNULL:-EXPORT@STRENGTH ???
I know little about ciphers).
12-28-2015 08:31 AM
That's a good cipher list.
If you want to make sure RC4 is off, you can do something like this:
MEDIUM:HIGH:!RC4:!aNULL:!EXPORT@STRENGTH
(the ! makes it so later additions to the string can't add that cipher back in... )
12-29-2015 03:45 AM
OK,thanks.
12-31-2015 06:05 AM
Note: The SSL/TLS methods and ciphers should be set based on the specific security policies and preferences of your company. For third-party information in regards to ciphers, refer to the Security/Server Side TLS Mozilla document for recommended server configurations and detailed information.
With Cisco AsyncOS for Email Security, an administrator can use the sslconfig command in order to configure the SSL or TLS protocols for the methods and ciphers that are used for GUI communication, advertised for inbound connections, and requested for outbound connections:
esa.local> sslconfig
sslconfig settings:
GUI HTTPS method: tlsv1/tlsv1.2
GUI HTTPS ciphers:
MEDIUM
HIGH
-SSLv2
-aNULL
!RC4
@STRENGTH
-EXPORT
Inbound SMTP method: tlsv1/tlsv1.2
Inbound SMTP ciphers:
MEDIUM
HIGH
-SSLv2
-aNULL
!RC4
@STRENGTH
-EXPORT
Outbound SMTP method: tlsv1/tlsv1.2
Outbound SMTP ciphers:
MEDIUM
HIGH
-SSLv2
-aNULL
!RC4
@STRENGTH
-EXPORT
Choose the operation you want to perform:
- GUI - Edit GUI HTTPS ssl settings.
- INBOUND - Edit Inbound SMTP ssl settings.
- OUTBOUND - Edit Outbound SMTP ssl settings.
- VERIFY - Verify and show ssl cipher list.
[]> inbound
Enter the inbound SMTP ssl method you want to use.
1. SSL v2
2. SSL v3
3. TLS v1/TLS v1.2
4. SSL v2 and v3
5. SSL v3 and TLS v1/TLS v1.2
6. SSL v2, v3 and TLS v1/TLS v1.2
[3]>
Enter the inbound SMTP ssl cipher you want to use.
[MEDIUM:HIGH:-SSLv2:-aNULL:!RC4:@STRENGTH:-EXPORT]>
sslconfig settings:
GUI HTTPS method: tlsv1/tlsv1.2
GUI HTTPS ciphers:
MEDIUM
HIGH
-SSLv2
-aNULL
!RC4
@STRENGTH
-EXPORT
Inbound SMTP method: tlsv1/tlsv1.2
Inbound SMTP ciphers:
MEDIUM
HIGH
-SSLv2
-aNULL
!RC4
@STRENGTH
-EXPORT
Outbound SMTP method: tlsv1/tlsv1.2
Outbound SMTP ciphers:
MEDIUM
HIGH
-SSLv2
-aNULL
!RC4
@STRENGTH
-EXPORT
Choose the operation you want to perform:
- GUI - Edit GUI HTTPS ssl settings.
- INBOUND - Edit Inbound SMTP ssl settings.
- OUTBOUND - Edit Outbound SMTP ssl settings.
- VERIFY - Verify and show ssl cipher list.
[]>
If changes are made to the SSL configuration, ensure that you commit any and all changes.
In AsyncOS for Email Security Versions 9.6 and later, the ESA is set to use the TLS v1/TLS v1.2 method by default. In this case, TLSv1.2 takes precedent for communication, if in use by both the sending and receiving parties. In order to establish a TLS connection, both sides must have at least one enabled method that matches, and at least one enabled cipher that matches.
Note: In AsyncOS for Email Security versions prior to Version 9.6, the default has two methods: SSL v3 and TLS v1. Some administrators might want to disable SSL v3 due to recent vulnerabilities (if SSL v3 is enabled).
When you view the default cipher that is listed in the previous example, it is important to understand the reason that it shows two ciphers followed by the word ALL. Although ALL includes the two ciphers that precede it, the order of the ciphers in the cipher list determines the preference. Thus, when a TLS connection is made, the client picks the first cipher that both sides support based on the order of appearance in the list.
Note: The RC4 ciphers are enabled by default on the ESA. In the previous example, the MEDIUM:HIGH is based on the Prevent Negotiations for Null or Anonymous Ciphers on the ESA and SMA Cisco document. For further information in regards to RC4 specifically, refer to the Security/Server Side TLS Mozilla document, and also the On the Security of RC4 in TLS and WPA document that is presented from the USENIX Security Symposium 2013. In order to remove the RC4 ciphers from use, refer to the examples that follow.
Through manipulation of the cipher list, you can influence the cipher that is chosen. You can list specific ciphers or cipher ranges, and also reorder them by strength with the inclusion of the @STRENGTH option in the cipher string, as shown here:
Enter the inbound SMTP ssl cipher you want to use.
[RC4-SHA:RC4-MD5:ALL]> MEDIUM:HIGH:-SSLv2:-aNULL:@STRENGTH
Ensure that you review all of the ciphers and ranges that are available on the ESA. In order to view these, enter the sslconfig command, followed by the verify sub-command. The options for the SSL cipher categories are LOW, MEDIUM, HIGH, and ALL:
[]> verify
Enter the ssl cipher you want to verify.
[]> MEDIUM
ADH-RC4-MD5 SSLv3 Kx=DH Au=None Enc=RC4(128) Mac=MD5
IDEA-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=IDEA(128) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
IDEA-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=IDEA(128) Mac=MD5
RC2-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC2(128) Mac=MD5
RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
You can also combine these in order to include ranges:
[]> verify
Enter the ssl cipher you want to verify.
[]> MEDIUM:HIGH
ADH-RC4-MD5 SSLv3 Kx=DH Au=None Enc=RC4(128) Mac=MD5
IDEA-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=IDEA(128) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
IDEA-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=IDEA(128) Mac=MD5
RC2-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC2(128) Mac=MD5
RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
ADH-CAMELLIA256-SHA SSLv3 Kx=DH Au=None Enc=Camellia(256) Mac=SHA1
DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1
DHE-DSS-CAMELLIA256-SHA SSLv3 Kx=DH Au=DSS Enc=Camellia(256) Mac=SHA1
CAMELLIA256-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA1
ADH-CAMELLIA128-SHA SSLv3 Kx=DH Au=None Enc=Camellia(128) Mac=SHA1
DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1
DHE-DSS-CAMELLIA128-SHA SSLv3 Kx=DH Au=DSS Enc=Camellia(128) Mac=SHA1
CAMELLIA128-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(128) Mac=SHA1
ADH-AES256-SHA SSLv3 Kx=DH Au=None Enc=AES(256) Mac=SHA1
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
ADH-AES128-SHA SSLv3 Kx=DH Au=None Enc=AES(128) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
ADH-DES-CBC3-SHA SSLv3 Kx=DH Au=None Enc=3DES(168) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
DES-CBC3-MD5 SSLv2 Kx=RSA Au=RSA Enc=3DES(168) Mac=MD5
Any of the SSL ciphers that you do not want configured and available should be removed with the "-" option that precedes the specific ciphers. Here is an example:
[]> MEDIUM:HIGH:-SSLv2:-aNULL:@STRENGTH:-EDH-RSA-DES-CBC3-SHA:
-EDH-DSS-DES-CBC3-SHA:-DES-CBC3-SHA
The information in this example would negate the NULL, EDH-RSA-DES-CBC3-SHA, EDH-DSS-DES-CBC3-SHA, and DES-CBC3-SHAciphers from advertisement and prevent their use in the SSL communication.
You can also accomplish similar with the inclusion of the "!" character in front of the cipher group or string that you desire to become unavailable:
[]> MEDIUM:HIGH:-SSLv2:-aNULL:!RC4:@STRENGTH
The information in this example would remove all of the RC4 ciphers from use. Thus, the RC4-SHA and RC4-MD5 ciphers would be negated and not advertised in the SSL communication.
If changes are made to the SSL configuration, ensure that you commit any and all changes.
Can also view these articles for assistance:
07-22-2019 04:53 AM - edited 07-22-2019 05:38 AM
Hi Robert,
I'm looking for a little education here.
Does the order of HIGH:MEDIUM or MEDIUM:HIGH matter if @STRENGTH is included in the string? Cisco seems to recommending using the following:
MEDIUM:HIGH:!RC4:!MD5:!SSLv2:!aNULL:!EXPORT:@STRENGTH
Can you run through what that actually does? Does it address vulnerabilities with 3DES, DES, CBC3 etc?
07-22-2019 07:11 AM
07-22-2019 07:42 AM
Thanks Ken. Cisco support was telling me that MEDIUM:HIGH would "catch the weak ciphers" but I wasn't sure how that could work.
Do you mean SSLconfig? I don't think certconfig has that option.
07-22-2019 08:22 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide