Articles from security category

Secure cipher suites for the ssl_cipher_list configuration

Thu 03 May 2018 | security Written by Mișu Moldovan

Default SSL cipher suites

With the release of SFTPPlus 3.32.0, we have changed the default set of SSL cipher suites for the Local Manager and the HTTPS service. As with any product that run in many environments, SFTPPlus uses a default set of SSL-related parameters that are a compromise between security and compatibility. Up to SFTPPlus version 3.31.0, we were using this highly compatible, but still reasonably secure, default set:

ssl_cipher_list = 'ALL:!RC4:!DES:!3DES:!MD5:!EXP'

Starting with SFTPPlus version 3.32.0, we strongly emphasize our focus on security. The default setting for OpenSSL cipher suites in SFTPPlus is now:

ssl_cipher_list = 'HIGH:!PSK:!RSP:!eNULL:!aNULL:!RC4:!MD5:!DES:!3DES:!aDH:!kDH:!DSS'

Notice that we now derive our default set from the HIGH set of cipher suites in OpenSSL. As improved cipher suites are added in OpenSSL, and new vulnerabilities are discovered and patched for, this specific set of cipher suites will be continuously improved upon by the OpenSSL developers. By keeping OpenSSL libraries updated through OS-specific procedures, our customers' SFTPPlus installations will benefit from these upstream improvements.

This new default set of safe cipher suites is also encapsulated within the secure configuration option, so you may simply use the following:

ssl_cipher_list = secure

Testing your HTTPS server

In ensuring that the secure configuration option for ssl_cipher_list in SFTPPlus is actually secure enough for your needs, you should try auditing your HTTPS setup using the Qualys SSL Labs' SSL Server Test.

This is a free online service that perform an analysis of the configuration of any public HTTPS server listening on the standard 443 port. When results are submitted, a grade from A to F is provided. You can read more about Qualys' SSL Server Rating Guide in their GitHub wiki here.

Assuming you are using a modern version of OpenSSL, such as version 1.0.2, a default installation of SFTPPlus version 3.32.0 will currently yield a score of B. This is because we still care about compatibility with older clients in the default setup.

However, you might want to go beyond that and try to obtain a Qualys SSL Server Rating of A for your SFTPPlus installation. A set of ciphers suites that sacrifices a bit of compatibility to reach the Grade A rating would be:

| ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:
| ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-GCM-SHA384

Keep in mind that clients such as Internet Explorer on Windows XP, Java 6.x clients and Android 2.x users will not be able to access your server any more. For guiding you in picking the best cipher suites for your OpenSSL version, we recommend Mozilla's SSL Configuration Generator.

Another way to increase the security of your HTTPS setup is to disable support for older SSL methods such as TLS v1.0 and v1.1. While as of April 2018 there are no known vulnerabilities specific to TLS v1.0 or v1.1, supporting only the newest standard will ensure better security through the use of more modern cipher suites.

In seeking the perfect balance between security and compatibility, you may wish to consider configuring only some services to have stricter cipher suites and/or TLS policy. These could be administration facing services such as the SFTPPlus Local Manager. For other services, you may need to adopt a policy that allows a compatible set as the default value for services such as HTTPS.

For example, here's the difference between secure and compatible SSL methods. Note that the secure method does not provide backward compatibility:

Secure methods:
ssl_allowed_methods = tlsv1.2

This indicates that the server will only support TLS v1.2, and will not communicate with a client that supports only TLS v1.0 and/or TLS v1.1.

A more lenient set of SSL methods would be:

Compatible methods:
ssl_allowed_methods = tlsv1.0 tlsv1.1 tlsv1.2

This indicates that the server will support clients using TLS version v1.2 and can communicate with clients that only support TLS v1.0 and/or TLS v1.1.

Beware that not supporting TLS v1.0 would mean dropping support for clients from older operating systems such as RHEL 5, SLES 11 and Solaris 10, as well as obsolete platforms like Android 4.0-4.3, Internet Explorer on Windows Vista and Win Phone 8.0, Java 7 clients. Anything based on the old OpenSSL 0.9.8 version are also included.

Therefore, you may need to reach a compromise in choosing the ssl_allowed_methods too, and only restrict the SSL methods for the more sensitive services such as Local Manager.

Evaluating SFTPPlus MFT

SFTPPlus MFT Server supports FTP, Explicit FTPS, Implicit FTPS, SFTP, SCP, HTTP and HTTPS.

Install SFTPPlus MFT today either as an on-premise solution supported on Windows, Linux, Solaris, AIX, HP-UX, MacOS and FreeBSD or on the cloud as Docker containers, AWS instances etc.

Email us at sales@proatria.com to start your evaluation version today.

For licensing queries please contact sales@proatria.com.

Addendum

This resource is written as of SFTPPlus version 3.33.0.

The details in this resource is for guidance only. Influences such as own security policies, requirements, and threat models should be considered when adopting this type of guidance.

• • •

SFTPPlus and its relevance with the OIAC Privacy Act and ASD ISM

Mon 16 April 2018 | australia compliance privacy Written by Hannah Suarez

In this post, we outline two main compliance obligations relevant to Australia - the OIAC Privacy Act and the ASD ISM. For those familiar with other international compliance obligations, such as the GPG13 (Good Practice Guide) provided by the UK or HIPAA (Health Insurance Portability and Accountability Act) provided by the US, they will find the following information useful, especially when handling data and subsequent file transfers with Australian customers.

The following is just an introductory overview focusing on how SFTPPlus can help organizations with these obligations.

About the Privacy Act 1988

The Office of the Australian Information Commissioner (OIAC) administers the Privacy Act 1988. This Act is an Australian law which regulates the handling of personal information about individuals.

According to the OIAC, the Privacy Act includes thirteen Australian Privacy Principles (APPs). These APPs set out standards, rights and obligations for the handling, holding, use, access and correction of personal information including sensitive information. For more details, please refer to the OIAC website.

By ensuring that there is data in-motion encryption, such as the use of SFTP and FTPS in file transfers, organizations and businesses can ensure further security for their file transfers in order to help meet certain obligations indicated within the Privacy Act 1988.

About the ASD ISM

The Australian Signals Directorate (ASD), an intelligence agency in the Australian Government Department of Defence, has provisioned the Information Security Manual (ISM). Originally for government agencies to apply in order to protect ICT systems, the manual can also be of use for the private sector.

For the full documentation and details, please go to the ASD website. This page is based on the 2017 ISM Manual that was updated in November 2017.

Standard Operating Procedures (SOPs)

While the manual itself encompasses a wide range of topics from access controls to the use of ICT equipment, we have mapped components (SOPs) that is of direct or indirect relevance to file transfers involving SFTPPlus.

The following are Standard Operating Procedures (SOPs) as listed from page 36 of the ISM.

Access control

Procedure to be included: Authorising access rights to applications and data.

The SFTPPlus features that will help organizations meet this SOP include; ability to authorize access based on an existing authentication method (such as LDAP or operating system), ability to authorize or via an SFTPPlus application account.

Another example of rolling out proper access authorization is via permissions. User permissions can be set in the application based on extension (such as only making .exe files read-only) and directory (such as only allowing full control for certain folders).

Audit logs

Procedures to be included: Reviewing system audit trails and manual logs, particularly for privileged users.

For each server event that is emitted, this is logged within an audit trail that is available for SFTPPlus administrators. The example log below is of a user authenticating:

| 30014 2018-04-02 10:50:42 Process Unknown 127.0.0.1:50668 New SSH
  connection made.
| 20137 2018-04-02 10:50:42 single-server-uuid 127.0.0.1:50668 Account
  "erica" of type "os" authenticated as "erica" by os authentication
  "Operating System Accounts" using ssh-key.

Note that details such as the date, time, type of connection, type of authentication, account name and more are included in this audit log.

Data Transfers

Procedures to be included: Managing the review of media containing information that is to be transferred off-site. Managing the review of incoming media for viruses or unapproved software.

For the thorough review of media containing sensitive information, it is expected that SFTPPlus be integrated with a DLP (data leak prevention) software and other related policies to help prevent data leaks.

For the review of incoming media, SFTPPlus can also be integrated with antivirus checks as part of a file transfer process.

Our own customers are already integrating with a number of software that monitors and protects the boundary as part of their file transfer infrastructure.

System integrity audit

Procedures to be included: Reviewing user accounts, system parameters and access controls to ensure that the system is secure. Checking the integrity of system software. Testing access controls.

The text configuration server.ini file is available to review all configurations - from the authentication methods, configuration parameters and configuration options right through to the services being used.

The SFTPPlus Local Manager also includes the ability to review any changes made, before applying it to the system.

System maintenance

Procedures to be included: Managing the ongoing security and functionality of system software, including; maintaining awareness of current software vulnerabilities, testing and applying software patches /updates / signatures, and applying appropriate hardening techniques

SFTPPlus upgrades are designed to minimize disruption.

Transport Layer Security (TLS) in the ISM

Page 250 of the ISM details these conditions under which TLS can be used, including FTP over TLS (or in other words, FTPS).

The FTPS service can be configured to ensure meeting this conditions - such as using tls v1.2. To meet the requirement of meeting Perfect Forward Secrecy as determined in page 251 of the ISM, SFTPPlus administrators can explicitly state which SSL ciphers to use. These are cipher suites that implement Perfect Forward Secrecy - Diffie–Hellman key exchange (DHE-RSA, DHE-DSA) or elliptic curve Diffie–Hellman (ECDHE-RSA, ECDHE-ECDSA). Administrators can use the secure configuration option to only ensure the SSL Cipher Suite configuration for the FTPS service is updated to only use the secure ciphers as recommended by the OpenSSL library.

Evaluating SFTPPlus MFT

Thank you for reading about SFTPPlus.

We work with customers, as well as outsourcers (including IBM, HP/DXC, Fujitsu, Tata etc) and integrators, in order to deliver secure file transfer systems. SFTPPlus can be installed as a standalone secure file transfer solution and is also designed to integrate with enterprise systems in complex environments. We are happy to talk to local integrators and distributors who are often the most knowledgeable when it comes to local market needs. While our support hours are based in the UK, one of our focuses is to deliver high quality but low maintenance file transfer software that requires minimal support once configured correctly. Our existing customers have operations in many timezones including UK, USA, Australia, India as well as a large number of European countries.

You can add your email below to sign up for an evaluation trial or get in touch with our Sales team to discuss your options.

• • •

Protecting your SFTPPlus configuration against SWEET32

Fri 02 March 2018 | security Written by Hannah Suarez

Details of attacks on DES (Data Encryption Standard) and Triple DES, Birthday attacks on 64-bit block ciphers were released with the CVE ID of CVE-2016-2183. Read more about the CVE details here).

DES and Triple DES ciphers, used in TLS and SSH protocols and in subsequent relation also used in file transfer products, have a birthday bound of approximately four billion blocks. This makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode. This attack is otherwise known as the "SWEET32" attack.

If your SFTPPlus configuration is vulnerable to these attacks, you will need to ensure that you are on the latest SFTPPlus MFT version 3.xx.xx series and use the following custom configurations outlined below.

From SFTPPlus version 3.31.0, you can use the secure cipher option for the ssl_cipher_list and ssh_cipher_list configurations. The special keyword secure contains all the algorithms that we currently consider secure.

From version 3.32.0, the default secure ssl_cipher_list configuration was updated to HIGH:!PSK:!RSP:!eNULL:!aNULL:!RC4:!MD5:!DES:!3DES:!aDH:!kDH:!DSS where HIGH is defined by upstream OpenSSL.

In this way, when updating the OpenSSL library, you will automatically get an update in the list of secure ciphers without the need to update SFTPPlus.

Exclude DES and Triple-DES from the SSL Cipher List

SFTPPlus relies on OS crypto for the SSL/TLS portion. There is no need to run this configuration if your operating system has already deprecated the use of DES/3DES.

To check if your OpenSSL has DES and 3DES ciphers enabled, check the output of openssl ciphers -v 'DES:3DES'

If DES/3DES are still available in OpenSSL, disable them for SFTPPlus by ensuring that the ssl_cipher_list configuration for the service has the value :!DES:!3DES: added in the list. This will exclude the use of DES and Triple DES as indicated by the ! mark.

For more details about this configuration, please refer to the ssl cipher list configuration option here.

Exclude DES and Triple-DES from the SSH Cipher List

In the ssh_cipher_list configuration for the service, add the value :!DES:!3DES: to exclude the use of DES and Triple DES. There is no need to run this configuration if your operating system has already deprecated the use of DES/3DES.

More details about this configuration for the ssh cipher list here.

Only use TLS 1.2 (for services utilizing TLS/SSL)

In the ssl_allowed_methods option for the associate service, add the value tlsv1.2 to use TLS v1.2.

Ensure that tlsv1.2 is the only value in ssl_allowed_methods so that this component will use TLS v1.2 during the secure communication handshake.

DES ciphers are used in TLS 1.0 and TLS 1.1, but they are not available in TLS 1.2 as noted in RFC 5469.

In the event that you still require communication with services still utilizing TLS 1.1 and/or TLS 1.0, you may add tlsv1.1 and/or tlsv1.0 providing that the DES and Triple-DES ciphers are excluded in the first instance.

More details about this configuration are available in our documentation here.

Confirming the SFTP configurations using openssl s_client

You can use openssl s-client, a diagnostic tool.

Connect via openssl s_client -cipher 3DES -connect site:port to check that 3DES is disabled.

To check the TLS version, the output will also reveal which TLS version is being used:

SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1519733544
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

Confirming the FTPS configurations using curl

If you wish to use curl instead, there are two tests that you can run once these options are saved in your development lab.

Run curl with the excluded ciphers DES-CBC3-SHA and check that you cannot complete the operation.

curl -v --ftp-ssl -k ftp://user@domain:port --ciphers DES-CBC3-SHA

Run curl with the allowed TLS version and check that you are able to complete the operation.

curl -v --ftp-ssl -k ftp://user@domain:port --tlsv1.2

Using --tlsv1.0 should fail the operation.

Confirming the configuration from the log

SFTPPlus configurations can also be confirmed via the log. For this issue, it should be done more as a supplementary step rather than as a sole point of confirmation of your configuration changes.

From the client-shell:

| SFTPPlus (3.30.0) file transfer client shell
| > connect
| 20140 2018-02-04 10:23:03 uuid Process 0.0.0.0:0 Connecting resource "ftpse".
| 10102 2018-02-04 10:23:03 uuid user localhost:10021 Location ftpse connected
  to the FTP server.
| 10106 2018-02-04 10:23:03 uuid user localhost:10021 Connection to FTP/FTPS
  was authenticated for location ftpse. Protected using TLSv1.2
  ECDHE-RSA-AES256-GCM-SHA384.
  Server certificate: (4) C=UK/O=ACME/CN=myserver.

From the server-side log:

| 10067 2018-02-04 10:23:03 Process Unknown 127.0.0.1:55555 Client initiating
  authentication as "user".Command protected using TLSv1.2
  ECDHE-RSA-AES256-GCM-SHA384.
  Client certificate: (2) C=GB/O=ACME/CN=myclient

The logs above indicate that TLSv1.2 was used alongside the list of ciphers ECDHE-RSA-AES256-GCM-SHA384. Please note that just because TLSv1.2 is used, it does not indicate that other TLS versions are disabled.

Evaluating SFTPPlus MFT

Security is a priority to SFTPPlus MFT.

With our software, not only will you have access to a secure file transfer product, but our specialist consultants are available for your secure file transfer needs.

SFTPPlus MFT Server supports FTP, Explicit FTPS, Implicit FTPS, SFTP, SCP, HTTP and HTTPS.

SFTPPlus MFT is available as an on-premise solution supported on Windows, Linux, AIX, OS X, Solaris, HP-UX, and FreeBSD. Please add your email below to sign up for an evaluation trial.

• • •