Community discussions

MikroTik App
 
Hansi98
just joined
Topic Author
Posts: 4
Joined: Wed Jun 16, 2021 11:31 am

How to disable weak ciphers and hmac in TLS?

Wed Jun 16, 2021 11:50 am

Hi,
we are running RouterOS v6.47.10 on 60Ghz Dishes and according to our security policy we have to disable all known weak protocols, ciphers, algorithms and so on.
SSH is clean already (strong crypto did the job), but TLS is still an issue.

TLS is set to 1.2 only (/ip service set www-ssl tls-version=only-1.2),
but within TLS there are still weak cryptos active; see below the findings from our security scanner.

How do i disable this weak stuff?

Negotiated with the following insecure cipher suites:
TLS 1.2 ciphers:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 4754
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: How to disable weak ciphers and hmac in TLS?

Wed Jun 16, 2021 3:35 pm

Simply disable www-ssl, like you already disabled telnet?
 
Hansi98
just joined
Topic Author
Posts: 4
Joined: Wed Jun 16, 2021 11:31 am

Re: How to disable weak ciphers and hmac in TLS?

Wed Jun 16, 2021 4:38 pm

But that would disable the web-management of the dishes I assume.
Telnet, FTP and others are disabled already, SSH is on strong crypto;
Web is on TLS 1.2only already, but (that's left) with some weak ciphers.
We need TLS 1.2 with strong cryptos.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 4754
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: How to disable weak ciphers and hmac in TLS?

Wed Jun 16, 2021 6:44 pm

But that would disable the web-management of the dishes I assume.
Yes, but you always have SSH and WinBox for management
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 4754
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: How to disable weak ciphers and hmac in TLS?

Wed Jun 16, 2021 6:56 pm

Web is on TLS 1.2only already, but (that's left) with some weak ciphers.
We need TLS 1.2 with strong cryptos.

(I write about tls on web-ssl, not in general)

For wat?
Only for the man in the middle attack?
On some browser you can select what ciphers must be used and on that way you have secured the connection.

But if the machine is not ultra-secure and password are saved on browser keychain, all of this tls 1.3 is perfectly useless...

Leaving open to the world the web-ssl the protocol used is the last problem.
If you can remove all unwanted, the web server is perfectly accessible.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 4754
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: How to disable weak ciphers and hmac in TLS?

Wed Jun 16, 2021 7:00 pm

SSH is on strong crypto
For wat?
You have installed certificates or you only set the strong-crypto for use on secure way the username admin and the password 123456?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 4754
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: How to disable weak ciphers and hmac in TLS?

Wed Jun 16, 2021 7:03 pm

The point is:
Do not matter what protocol you use,
if you not use certificates for login instead of have strong crypto for only hide admin/123456
and you do not close to all IPv4/IPv6, except one/two addresses, all is still possible...
 
Hansi98
just joined
Topic Author
Posts: 4
Joined: Wed Jun 16, 2021 11:31 am

Re: How to disable weak ciphers and hmac in TLS?

Wed Jun 16, 2021 11:07 pm

We use complex ramdonly generated passwords with 20 characters for logging in. That shouldn't be the issue.
Security scanner is reporting these weak ciphers (like 3DES) still used with TLS 1.2. That is the issue.
Other devices like NetApps, DellEMC, Cisco switches, Arista AP don't do that.
The strong crypto setting for SSH is great! getting rid of the weak SSH stuff.
same with www-ssl TLS 1.2 only setting.
So is the diagnose incorrect, that RC4 based ciphers are used on Mikrotiks TLS 1.2?

"Recent cryptanalysis results exploit biases in the RC4 keystream to recover repeatedly encrypted plaintexts. As a result, RC4 can no longer be seen as providing a sufficient level of security for SSL/TLS sessions. It has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext."
Negotiated with the following insecure cipher suites:
TLS 1.2 ciphers:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA

>>SSH is on strong crypto
>>For wat?

Cause in default mode there are a couple of weak SSH ciphers used. Don't have a hardcopy on hand any more, cause the SSH strong crypto setting get rid of them. Great.
Does your question implies to use weak/normal crypto with SSH instead, cause these settings doesn't matter?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 4754
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: How to disable weak ciphers and hmac in TLS?

Thu Jun 17, 2021 12:05 am

The point is:
Do not matter what protocol you use,
if you not use certificates for login instead of have strong crypto for only hide admin/123456
and you do not close to all IPv4/IPv6, except one/two addresses, all is still possible...
Is like you do not read this...

If you use TLS 666.4 with eliptic curve with 657168798671687687 bit
BUT
everyone CAN connect in any case to the device, because all this cripto is only for secure the data exchanged to config page, instead of the possibility to connection

is all U.S.E.L.E.S.S.

understand my point?


And also, if you put this effort to protect the config data to a device, without protect "all readable" wifi emission, passing data on ptp "cleartext", is right?

The right point of view is:
my wireless emission are crypted?
if someone "cut" the ethernet cable and put between another device, the traffic is readable?
if someone reach the config page of the device, is here anyting can cause compromise?
Sorry, I'm not english and have some problem to express what exactly I mean.
 
Hansi98
just joined
Topic Author
Posts: 4
Joined: Wed Jun 16, 2021 11:31 am

Re: How to disable weak ciphers and hmac in TLS?

Thu Jun 17, 2021 8:43 am

We decided to use basically two ways to administer the devices: by SSH and Webmanagement.
The wireless 60Ghz point-to-point connection is a different story and we think the security measures taken are sufficient here.
The devices management interface is also put into an isolated VLAN, which is accessable only with several precaution.
Even 3rd party security auditions show handling it this way is fine.

Thanks for your effort in this matter, but unfortunately it does not bring me any further.
So, i'm still looking for the final piece of our security puzzle as described above: optimize the TLS cipher settings.

Who is online

Users browsing this forum: No registered users and 8 guests