Over 80% of websites on the internet are vulnerable to hacks and attacks. In our role as hosting support engineers for web hosts, we perform periodic security scans and updates on servers to protect them from hacks.
A recent bug that affects the servers is the SWEET32 vulnerability. By exploiting a weak cipher ‘3DES-CBC’ in TLS encryption, this bug has caused many server owners to panic about their data security.
If you see that your website is failing security scans with this message, that means your server is vulnerable to SWEET32 attacks.
“SSL/TLS server supports short block sizes (SWEET32 attack)”
What is SWEET32 Birthday Attack?
By default, servers have ‘3DES-CBC’ cipher enabled in TLS. This makes HTTPS connections in those servers vulnerable to this SWEET32 bug.
Hackers can then easily decrypt your valuable data using a method called Birthday Attack. Here’s how it works:
The web server encrypts data using cryptographic keys. These keys are chosen randomly, and the probability of any two customers getting the same key is very low.
By misusing the SWEET32 vulnerability, an attacker can send in a large volume of dummy data, and get blocks of cipher text that match those of a customer.
To break it down:
- The attacker sniffs all data sent to your customer.
- The attacker sends dummy data to your server until a key used for a customer matches the attacker’s session key.
- Once there’s a match, sensitive data can be decrypted by determining how the key was chosen.
Are your servers vulnerable to SWEET32 attack?
OpenSSL uses the vulnerable ‘Triple-DES’ ciphers for encrypting the data. So if your web servers such as Apache, NginX, etc. use OpenSSL with the vulnerable ‘Triple-DES’ cipher support, your server is susceptible to attack.
If your servers are running OpenSSL versions prior to 1.0.1, which cannot support strong ciphers, your servers are already vulnerable to many other attacks too, such as CCS Injection Vulnerability.
The first thing we do is check the version of OpenSSL on the server:
root@host ~ $ openssl version
OpenSSL 1.0.1f 6 Jan 2014
To examine the ciphers that are enabled in the OpenSSL server, we use the ‘nmap’ command. The code ‘3DES’ indicates cipher suites that use triple DES encryption. These are the ones we disable for server security.
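One way to pick the affected suites out of a scan, as an added example that is not part of the original article: it assumes the output layout of nmap's `ssl-enum-ciphers` script (`nmap --script ssl-enum-ciphers -p 443 <host>`) and goes slightly beyond 3DES by also matching the other 64-bit block ciphers (DES, IDEA, RC2). The function name and the sample scan are constructed for illustration.

```shell
#!/bin/sh
# Added example: list 64-bit block cipher suites (3DES, DES, IDEA, RC2)
# reported by:  nmap --script ssl-enum-ciphers -p 443 <host>

# Reads nmap output on stdin, prints "<protocol> <suite>" per weak suite.
find_sweet32_suites() {
    awk '
        # Protocol header line, e.g. "|   TLSv1.0:"
        $1 == "|" && $2 ~ /^(SSLv|TLSv)[0-9.]+:$/ {
            proto = $2; sub(/:$/, "", proto); next
        }
        # Suite line, e.g. "|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C"
        $1 == "|" && $2 ~ /_(3DES|DES|IDEA|RC2)_/ { print proto, $2 }
    '
}

# Constructed sample in the ssl-enum-ciphers output layout (not a real scan).
sample_scan() {
    cat <<'EOF'
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|_  least strength: C
EOF
}

# Demo run on the constructed sample; on a server, pipe real nmap output in.
sample_scan | find_sweet32_suites
```

An empty result after the cipher changes described below means the scanned port no longer offers any 64-bit block suite.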
How to fix SWEET32 vulnerability
To secure the confidential information from this critical SWEET32 birthday attack vulnerability, we disable all 64-bit block weak ciphers. For enhanced security, we allow only strong ciphers such as AES.
Though OpenSSL has disabled support for weak ciphers from version 1.1.0 release onwards, we’ve seen many servers still running older versions that are vulnerable.
For the servers that we manage, our expert technicians keep all server software updated, to protect them from attacks. If your servers are running vulnerable versions, you should disable these weak ciphers without delay.
How we secure Apache and Nginx web servers from SWEET32 bug
In servers that are running Apache web server, here is how we secure them:
- Edit the Apache SSL configuration file at ‘/etc/apache2/mods-available/ssl.conf’
- Go to the SSL section and ensure that old protocols such as SSLv2 and SSLv3 are disabled.
- Go to the CIPHER text section and update the entry with the relevant ‘SSLCipherSuite’.
- Restart the Apache web server.
In servers with NginX web server, we do these steps:
- Edit the Nginx configuration file ‘/etc/nginx/nginx.conf’.
- Go to the SSL section, set the secure protocols and update the Cipher text with the relevant ‘ciphers’ list.
- Restart the web server after saving the new settings.
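A check for the cipher entries edited in the Apache and Nginx steps above, as an added example that is not part of the original article. It is a text heuristic rather than an OpenSSL expansion of the cipher string, and the function names, file names and cipher strings in the samples are constructed assumptions, not values from the article.

```shell
#!/bin/sh
# Added example: flag SSLCipherSuite (Apache) / ssl_ciphers (nginx) entries
# that can still negotiate 3DES. Heuristic text check on the cipher string.

# usage: audit_ciphers FILE   -> prints "FILE:LINE: reason" per finding
audit_ciphers() {
    awk -v f="$1" '
        /^[ \t]*#/ { next }                        # skip comment lines
        $1 != "SSLCipherSuite" && $1 != "ssl_ciphers" { next }
        {
            spec = $NF; gsub(/[";]/, "", spec)     # drop quotes and nginx ";"
            n = split(spec, tok, ":"); excl = 0; allow = 0; group = 0
            for (i = 1; i <= n; i++) {
                t = tok[i]
                if (t == "!3DES") excl = 1         # "!" removes permanently
                else if (t ~ /^[!-]/) continue     # other removals
                else if (t ~ /3DES|DES-CBC3/) allow = 1
                else if (t ~ /^[+]?(HIGH|MEDIUM|ALL|DEFAULT)$/) group = 1
            }
            if (excl) next
            # Conservative: a group keyword is flagged unless !3DES is present,
            # because older OpenSSL builds include 3DES in these groups.
            if (allow) print f ":" NR ": 3DES suite enabled explicitly"
            else if (group) print f ":" NR ": group keyword without !3DES"
        }
    ' "$1"
}

# Constructed sample configs (before/after), written under directory $1.
make_samples() {
    printf 'SSLProtocol all -SSLv2 -SSLv3\nSSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5\n' \
        > "$1/apache-before.conf"
    printf 'SSLProtocol all -SSLv2 -SSLv3\nSSLCipherSuite HIGH:!aNULL:!MD5:!3DES\n' \
        > "$1/apache-after.conf"
    printf 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2;\nssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:DES-CBC3-SHA;\n' \
        > "$1/nginx-before.conf"
    printf 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2;\nssl_ciphers HIGH:!aNULL:!MD5:!3DES;\n' \
        > "$1/nginx-after.conf"
}

# Demo run: only the two "before" files produce findings.
d=$(mktemp -d) && make_samples "$d"
for c in "$d"/*.conf; do audit_ciphers "$c"; done
rm -rf "$d"
```

Run it against the real configuration files before restarting the web server, then confirm the result with a fresh scan of the port.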
How to fix SWEET32 bug in RedHat and CentOS servers
RedHat and CentOS servers use their own OpenSSL package, which is updated from their repository using the ‘yum’ command. But RHEL/CentOS versions 5, 6 and 7 use vulnerable OpenSSL packages.
To know the version of OpenSSL package in the server, we execute the command:
root@host ~ $ rpm -qa | grep openssl
openssl-0.9.8e-20.el5_7.1
To immediately mitigate the attack until the new OpenSSL secure package is made available in RedHat and CentOS repositories, we disable the weak ciphers in the services that use SSL.
The services we update with strong ciphers include web servers such as Apache and NginX, mail servers such as Exim, POP/IMAP server, FTP server, etc.
Fixing SWEET32 vulnerability in Debian and Ubuntu servers
Ubuntu has different versions and the OpenSSL packages available in them are:
- Ubuntu 15.10: libssl1.0.0 1.0.2d-0ubuntu1.2
- Ubuntu 15.04: libssl1.0.0 1.0.1f-1ubuntu11.5
- Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.16
- Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.32
To check the version of OpenSSL package in the server, we use the command:
dpkg -s openssl
If it is running older vulnerable versions, we update the OpenSSL package to the latest supported version.
The latest secure OpenSSL version is not yet available in these packages. So, as an immediate mitigation, we disable the weak ciphers in all public services with OpenSSL support.
Securing your OpenSUSE servers from SWEET32 bug
In OpenSUSE, the ‘zypper’ tool helps us to update and install the latest OpenSSL packages in the server.
We use this command to update your Suse server:
# zypper in -t patch secsp3-openssl1-12539=1
To mitigate the SWEET32 vulnerability, we disable the 3DES and other weak ciphers from all the public SSL based services.
How to protect your IIS webserver from SWEET32 bug
To disable weak ciphers in Windows IIS web server, we edit the Registry corresponding to it. Here is how to do that:
- Click Start, click Run, type ‘regedit’ in the Open box, and then click OK.
- Locate the following security registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
- Go to the ‘SCHANNEL\Ciphers’ subkey, which is used to control the ciphers such as DES and RC4.
- Edit the subkey ‘SCHANNEL\Ciphers\Triple DES 168’ and set the DWORD value data to 0x0.
Registry edits are done very carefully, as any mistake can cause the server to become non-functional. Server restarts may be required for the updates to come into effect.
The steps to restrict the ciphers and edit registry can vary with the Windows version in your server. It is therefore recommended to do it only with expert assistance.
At Bobcares, our security experts are specialized in securing the servers of our customers. By taking proper backups of the registry and other relevant config, we ensure that the servers do not get messed up.
SWEET32 is a vulnerability in 3DES-CBC ciphers, which are used in most popular web servers. Today we’ve seen how we fix it in popular operating systems and web servers.
Older operating systems such as Windows XP use 3DES-CBC to establish connections. Researchers have shown that these connections can be easily decrypted.
Bobcares helps online businesses of all sizes achieve world-class security and uptime, using tried and tested solutions. If you’d like to know how to make your server more reliable, we’d be happy to talk to you.