Kryptografie/Proxy: Unterschied zwischen den Versionen
K Textersetzung - „[[Kategorie:/“ durch „[[Kategorie:“ |
Keine Bearbeitungszusammenfassung |
||
(4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
== Proxy Solutions == | === Proxy Solutions === | ||
Within enterprise networks and corporations with increased levels of paranoia or at least some defined security requirements it is common '''not''' to allow direct connections to the public internet. | Within enterprise networks and corporations with increased levels of paranoia or at least some defined security requirements it is common '''not''' to allow direct connections to the public internet. | ||
For this reason proxy solutions are deployed on corporate networks to intercept and scan the traffic for potential threats within sessions. | For this reason proxy solutions are deployed on corporate networks to intercept and scan the traffic for potential threats within sessions. | ||
Zeile 24: | Zeile 24: | ||
|} | |} | ||
==== Only allow TLS 1.0,1.1 and 1.2 protocols | ==== Only allow TLS 1.0,1.1 and 1.2 protocols ==== | ||
$conf t | $conf t | ||
$(config)ssl | $(config)ssl | ||
$(config ssl)edit ssl-device-profile default | $(config ssl)edit ssl-device-profile default | ||
$(config device-profile default)protocol tlsv1 tlsv1.1 tlsv1.2 | $(config device-profile default)protocol tlsv1 tlsv1.1 tlsv1.2 | ||
ok | ok | ||
==== Select your accepted cipher-suites | ==== Select your accepted cipher-suites ==== | ||
$conf t | $conf t | ||
Enter configuration commands, one per line. End with CTRL-Z. | Enter configuration commands, one per line. End with CTRL-Z. | ||
$(config)proxy-services | $(config)proxy-services | ||
$(config proxy-services)edit ReverseProxyHighCipher | $(config proxy-services)edit ReverseProxyHighCipher | ||
$(config ReverseProxyHighCipher)attribute cipher-suite | $(config ReverseProxyHighCipher)attribute cipher-suite | ||
Cipher# Use Description Strength | Cipher# Use Description Strength | ||
------- --- ----------------------- -------- | ------- --- ----------------------- -------- | ||
1 yes AES128-SHA256 High | 1 yes AES128-SHA256 High | ||
Zeile 47: | Zeile 47: | ||
[...] | [...] | ||
13 yes EXP-RC2-CBC-MD5 Export | 13 yes EXP-RC2-CBC-MD5 Export | ||
Select cipher numbers to use, separated by commas: 2,5,6 | Select cipher numbers to use, separated by commas: 2,5,6 | ||
ok | ok | ||
The same protocols are available for forward proxy settings and should be adjusted accordingly: In your local policy file add the following section: | The same protocols are available for forward proxy settings and should be adjusted accordingly: In your local policy file add the following section: | ||
<ssl> | <ssl> | ||
Zeile 67: | Zeile 69: | ||
==== Settings ==== | ==== Settings ==== | ||
; global configuration | ; global configuration | ||
global | global | ||
Zeile 122: | Zeile 123: | ||
; HTTPS Listener in Pound | ; HTTPS Listener in Pound | ||
# HTTP Listener, redirects to HTTPS | # HTTP Listener, redirects to HTTPS | ||
ListenHTTP | ListenHTTP | ||
Address 10.10.0.10 | Address 10.10.0.10 | ||
Port 80 | Port 80 | ||
Zeile 128: | Zeile 129: | ||
Redirect "https://some.site.tld" | Redirect "https://some.site.tld" | ||
End | End | ||
End | End | ||
## HTTPS Listener | ## HTTPS Listener | ||
ListenHTTPS | ListenHTTPS | ||
Address 10.10.0.10 | Address 10.10.0.10 | ||
Port 443 | Port 443 | ||
Zeile 136: | Zeile 137: | ||
Cert "/path/to/your/cert.pem" | Cert "/path/to/your/cert.pem" | ||
## See 'man ciphers'. | ## See 'man ciphers'. | ||
Ciphers | Ciphers "TLSv1.2:TLSv1.1:!SSLv3:!SSLv2:EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA" | ||
Service | Service | ||
BackEnd | BackEnd | ||
Zeile 143: | Zeile 144: | ||
End | End | ||
End | End | ||
End | End | ||
=== stunnel === | === stunnel === | ||
Zeile 153: | Zeile 154: | ||
==== Settings ==== | ==== Settings ==== | ||
; HTTPS Listener in stunnel | ; HTTPS Listener in stunnel | ||
ciphers = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA | ciphers = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA | ||
curve = secp384r1 | curve = secp384r1 | ||
options = NO_SSLv2 | options = NO_SSLv2 | ||
options = NO_SSLv3 | options = NO_SSLv3 | ||
options = cipher_server_preference | options = cipher_server_preference | ||
; Secure Client-Initiated Renegotiation can only be disabled wit stunnel >= 4.54 | ; Secure Client-Initiated Renegotiation can only be disabled wit stunnel >= 4.54 | ||
;renegotiation = no | ;renegotiation = no | ||
Zeile 172: | Zeile 172: | ||
==== How to test ==== | ==== How to test ==== | ||
See appendix [https://bettercrypto.org/#tools Tools] | See appendix [https://bettercrypto.org/#tools Tools] | ||
<noinclude> | |||
== Anhang == | |||
=== Siehe auch === | |||
{{Special:PrefixIndex/Kryptografie}} | |||
==== Sicherheit ==== | |||
==== Dokumentation ==== | |||
==== Links ==== | |||
===== Projekt ===== | |||
===== Weblinks ===== | |||
[[Kategorie:Kryptografie/Best Practice]] | [[Kategorie:Kryptografie/Best Practice]] | ||
</noinclude> |
Aktuelle Version vom 31. Mai 2023, 12:22 Uhr
Proxy Solutions
Within enterprise networks and corporations with increased levels of paranoia or at least some defined security requirements it is common not to allow direct connections to the public internet. For this reason proxy solutions are deployed on corporate networks to intercept and scan the traffic for potential threats within sessions. For encrypted traffic there are four options:* Block the connection because it cannot be scanned for threats.
- Bypass the threat-mitigation and pass the encrypted session to the client, which results in a situation where malicious content is transferred directly to the client without visibility to the security system.
- Intercept (i.e. terminate) the session at the proxy, scan there and re-encrypt the session towards the client (effectively MITM).
- Deploy special Certificate Authorities to enable Deep Packet Inspection on the wire.
While the latest solution might be the most "up to date", it arises a new front in the context of this paper, because the most secure part of a client’s connection could only be within the corporate network, if the proxy-server handles the connection to the destination server in an insecure manner. Conclusion: Don’t forget to check your proxy solutions SSL-capabilities. Also do so for your reverse proxies!
Bluecoat / Symantec
Blue Coat Systems was a well-known manufacturer of enterprise proxy appliances. In 2016 it was acquired by Symantec. The products are now known as Symantec ProxySG and Advanced Secure Gateway (ASG). The description below is for the original Blue Coat SG Operating System (SGOS). BlueCoat Proxy SG Appliances can be used as forward and reverse proxies. The reverse proxy feature is rather under-developed, and while it is possible and supported, there only seems to be limited use of this feature "in the wild" - nonetheless there are a few cipher suites to choose from, when enabling SSL features.
Tested with Versions
Proxy Appliance | SGOS 6.5.x | Blue Coat, now Symantec |
---|
Only allow TLS 1.0,1.1 and 1.2 protocols
$conf t $(config)ssl $(config ssl)edit ssl-device-profile default $(config device-profile default)protocol tlsv1 tlsv1.1 tlsv1.2 ok
Select your accepted cipher-suites
$conf t Enter configuration commands, one per line. End with CTRL-Z. $(config)proxy-services $(config proxy-services)edit ReverseProxyHighCipher $(config ReverseProxyHighCipher)attribute cipher-suite Cipher# Use Description Strength ------- --- ----------------------- -------- 1 yes AES128-SHA256 High 2 yes AES256-SHA256 High 3 yes AES128-SHA Medium 4 yes AES256-SHA High 5 yes DHE-RSA-AES128-SHA High 6 yes DHE-RSA-AES256-SHA High [...] 13 yes EXP-RC2-CBC-MD5 Export Select cipher numbers to use, separated by commas: 2,5,6 ok
The same protocols are available for forward proxy settings and should be adjusted accordingly: In your local policy file add the following section:
<ssl>
DENY server.connection.negotiated_ssl_version=(SSLV2, SSLV3)
Disabling protocols and ciphers in a forward proxy environment could lead to unexpected results on certain (misconfigured?) webservers (i.e. ones accepting only SSLv2/3 protocol connections)
HAProxy
See https://www.haproxy.org/ See https://timtaubert.de/blog/2014/11/the-sad-state-of-server-side-tls-session-resumption-implementations/ See https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.1-npn See https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#3.2-tune.ssl.cachesize See https://kura.io/2014/07/02/haproxy-ocsp-stapling/ See https://kura.io/2015/01/27/hpkp-http-public-key-pinning-with-haproxy/ HAProxy can be used as loadbalancer and proxy for TCP and HTTP-based applications. Since version 1.5 it supports SSL and IPv6.
Tested with Versions
HAProxy 1.5.11 with OpenSSL 1.0.1e on Debian Wheezy
Settings
- global configuration
global
ssl-default-bind-ciphers EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA ssl-default-bind-options no-sslv3 no-tls-tickets #disable SSLv3 tune.ssl.default-dh-param 2048 #tune DH to 2048
- frontend configuration
frontend public
bind *:80 bind *:443 ssl crt server.pem mode http redirect scheme https code 301 if !{ ssl_fc } # redirect HTTP to HTTPS
- backend configuration
backend backend
mode http server server 192.168.1.1:80 check http-request set-header X-Forwarded-Port %[dst_port] http-request add-header X-Forwarded-Proto https if { ssl_fc } rspadd Strict-Transport-Security:\ max-age=15768000;\ includeSubDomains #enable HSTS header for this backend
Additional Settings
Enable NPN Support:
bind *:443 ssl crt server.pem npn "http/1.1,http/1.0"
Append the npn command in the frontend configuration of HAProxy.
Enable OCSP stapling:
HAProxy supports since version 1.5.0 OCSP stapling. To enable it you have to generate the OCSP singing file in the same folder, with the same name as your certificate file plus the extension .ocsp. (e.g. your certificate file is named server.crt then the OCSP file have to be named server.crt.oscp)To generate the OCSP file use these commands: $ openssl x509 -in your.certificate.crt -noout -ocsp_uri # <- get your ocsp uri $ openssl ocsp -noverify -issuer ca.root.cert.crt -cert your.certificate.crt -url "YOUR OCSP URI" -respout your.certificate.crt.ocsp Reload HAProxy and now OCSP stapling should be enabled.Note: This OCSP signature file is only valid for a limited time. The simplest way of updating this file is by using cron.daily or something similar.
Enable HPKP:
Get certificate informations: $ openssl x509 -in server.crt -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | base64 Then you append the returned string in the HAProxy configuration. Add the following line to the backend configuration: rspadd Public-Key-Pins:\ pin-sha256="YOUR_KEY";\ max-age=15768000;\ includeSubDomains Reload HAProxy and HPKP should now be enabled.Note: Keep in mind to generate a backup key in case of problems with your primary key file.
How to test
See appendix Tools
Pound
Tested with Versions
Pound 2.6 See http://www.apsis.ch/pound See https://help.ubuntu.com/community/Pound
Settings
- HTTPS Listener in Pound
# HTTP Listener, redirects to HTTPS ListenHTTP Address 10.10.0.10 Port 80 Service Redirect "https://some.site.tld" End End ## HTTPS Listener ListenHTTPS Address 10.10.0.10 Port 443 AddHeader "Front-End-Https: on" Cert "/path/to/your/cert.pem" ## See 'man ciphers'. Ciphers "TLSv1.2:TLSv1.1:!SSLv3:!SSLv2:EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA" Service BackEnd Address 10.20.0.10 Port 80 End End End
stunnel
Tested with Versions
- stunnel 4.53-1.1ubuntu1 on Ubuntu 14.04 Trusty with OpenSSL 1.0.1f, without disabling Secure Client-Initiated Renegotiation
- stunnel 5.02-1 on Ubuntu 14.04 Trusty with OpenSSL 1.0.1f
- stunnel 4.53-1.1 on Debian Wheezy with OpenSSL 1.0.1e, without disabling Secure Client-Initiated Renegotiation
Settings
- HTTPS Listener in stunnel
ciphers = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA curve = secp384r1 options = NO_SSLv2 options = NO_SSLv3 options = cipher_server_preference ; Secure Client-Initiated Renegotiation can only be disabled wit stunnel >= 4.54 ;renegotiation = no
Additional information
Secure Client-Initiated Renegotiation can only be disabled for stunnel versions >= 4.54, when the renegotiation parameter has been added (See changelog).
References
stunnel documentation: https://www.stunnel.org/static/stunnel.html stunnel changelog: https://www.stunnel.org/sdf_ChangeLog.html
How to test
See appendix Tools
Anhang
Siehe auch
- Kryptografie
- Kryptografie/Algorithmus
- Kryptografie/Angriffe
- Kryptografie/Best Practice
- Kryptografie/Chiffrier Suits
- Kryptografie/Entwicklung
- Kryptografie/Geschwindigkeit
- Kryptografie/Glossar
- Kryptografie/Grundlagen
- Kryptografie/Key-Exchange
- Kryptografie/Mailserver
- Kryptografie/Motivation
- Kryptografie/Proxy
- Kryptografie/Schlüssellängen
- Kryptografie/Tools
- Kryptografie/Tunneling
- Kryptografie/VPN
- Kryptografie/Webserver
- Kryptografie/tmp