Tuesday, November 18, 2014

IT: SSL 3.0 "Poodle" Vulnerability

My new gig is keeping me pretty busy.  Here's a bit I wrote on the Poodle SSL vulnerability today.

What is the vulnerability?
SSL 3.0’s block cipher encryption is vulnerable to a padding attack.  With this technique an attacker with access to the network path between client and server can decode the contents of an encrypted message by forcing it to be retransmitted many times.

To make this work, at a minimum, the attacker must be able to intercept and modify the network traffic sent by the client to the remote server.  (Examples of this include unencrypted Wi-Fi or access to the physical network between server and client.)  Additionally, this attack requires very large numbers of requests (hundreds to tens of thousands) to be sent to the remote server.  As such, the attack is really only feasible if the attacker also has the ability to run malicious code (e.g. JavaScript) on the client.

How does it work?
First, the attacker has to get the user to run their malicious code.  This can be accomplished by a man-in-the-middle attack against an unencrypted site.
Next, the code makes a connection to a secure site whose request they wish to decode.
Then the attacker must trick the client into using SSL 3.0 to talk to the remote server.  This is accomplished by interrupting or corrupting requests for a TLS connection.
Once the SSL connection is opened, the attacker changes the SSL request by changing a single byte of the stream, their “guess”, and adding additional padding to the SSL stream they want to decode.
- If the attacker has guessed the SSL-encrypted byte improperly, the SSL connection will fail and disconnect.
- If the attacker has guessed that byte properly, the SSL connection succeeds.
This pattern repeats until the SSL request has been decoded.  Each “guessed” byte is a random value between 0 and 255, so decoding a 64 character request can take up to 16,000 attempts to complete, depending on the luck of the attacker.
Finally the malicious code will report back the decoded request to the attacker. [1]

What Protocols are vulnerable?
SSL 3.0

Is TLS 1.0 vulnerable?
With SSL 3.0 disabled, no.  TLS 1.0 has a built-in fallback to SSL 3.0 if TLS negotiation fails.  An attacker can only leverage this fallback if both TLS 1.0 AND SSL 3.0 are enabled.  This risk is eliminated when SSL 3.0 is disabled.

How acute is this Vulnerability?
Microsoft’s position is that there are no secure ciphers remaining in SSL 3.0, and it should be disabled.[3]
SANS’ position, from the CVE summary, is slightly more nuanced.[2]
“What should you do: Disable SSLv3. There is no patch for this. SSLv3 has reached the end of its useful life and should be retired.

This isn't a "patch now". Give it some time, test it carefully, but get going with it. The other problem is that this is a client and a server issue. You need to disable SSLv3 on either. Start with the servers for highest impact, but then see what you can do about clients.”

What is the impact of disabling SSL 3.0?
Clients that do not support TLS 1.0 or above will fail to connect.  This specifically includes Internet Explorer 6.0.  I call attention to this browser specifically as it still has a non-trivial installed base, comprising 1.6% of all internet traffic in October 2014.[5]

How do I disable SSL 3.0 on Clients?
- SSL 3.0 can be disabled in Internet Explorer using a check box on the Advanced tab of the Internet Options panel.
- Other OS Components
  - Web browsers are the most likely target for attack, but are not the only components that use SSL.
  - The Windows operating system provides a library called Schannel to handle client encryption.
  - The SSL 3.0 Schannel client can be disabled using the registry key [3]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"Enabled"=dword:00000000

  - If SSL 3.0 Schannel is disabled, this overrides the checkbox in Internet Explorer.
- Non-OS Components
  - Not all applications use Microsoft’s Schannel library.  These applications are not mitigated by the registry key above.
  - Mitigating these is application specific.
    - As an example, Mozilla has published the SSL Version Control Add-On to disable SSL 3.0 in their Firefox browser.

How can I prevent this attack against my Webservers?
i.e. How can I protect mydomain.com users from having their information stolen in this manner?
- Disable SSL 3.0 in your web servers.
- This can be completed with the registry key [3]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000
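
The Schannel client and server registry settings described above, as an added PowerShell example that is not part of the original post: it reports the current state of both keys and can set "Enabled" to 0 for either role.  The function names are hypothetical; it assumes an elevated prompt, and it does nothing for applications that do not use Schannel.

```powershell
# Added example (not from the original post). Function names are hypothetical.
# The registry path is the one quoted in the post; run from an elevated prompt.
$Ssl3Base = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0'

function Get-Ssl3SchannelState {
    # Report the Enabled value for the Client and Server roles.
    foreach ($role in 'Client', 'Server') {
        $path = Join-Path $Ssl3Base $role
        $enabled = $null
        if (Test-Path -LiteralPath $path) {
            $item = Get-ItemProperty -LiteralPath $path -Name Enabled -ErrorAction SilentlyContinue
            if ($item) { $enabled = $item.Enabled }
        }
        # A missing key or value means no override is set: the OS default applies.
        if ($null -eq $enabled) { $state = 'NotConfigured' }
        elseif ($enabled -eq 0) { $state = 'Disabled' }
        else                    { $state = 'Enabled' }
        [pscustomobject]@{ Role = $role; State = $state; Path = $path }
    }
}

function Disable-Ssl3Schannel {
    # Write "Enabled"=dword:00000000 for the chosen roles; supports -WhatIf.
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [ValidateSet('Client', 'Server')]
        [string[]]$Role = @('Client', 'Server')
    )
    foreach ($r in $Role) {
        $path = Join-Path $Ssl3Base $r
        if ($PSCmdlet.ShouldProcess($path, 'Set Enabled = 0')) {
            if (-not (Test-Path -LiteralPath $path)) {
                New-Item -Path $path -Force | Out-Null   # also creates missing parent keys
            }
            New-ItemProperty -LiteralPath $path -Name Enabled -Value 0 `
                -PropertyType DWord -Force | Out-Null
        }
    }
}

Get-Ssl3SchannelState | Format-Table Role, State -AutoSize   # audit first
Disable-Ssl3Schannel -WhatIf                                 # preview; drop -WhatIf to apply
```

A "NotConfigured" result is not the same as "Disabled": on a machine where SSL 3.0 is on by default, the protocol stays available until the value is written and the machine is restarted.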

What is the risk of disabling SSL 3.0?
- A small number of web servers or web clients may not have TLS 1.0 enabled.
  - Most notably, Internet Explorer 6.0 did not have TLS 1.0 enabled by default.
- TLS 1.0 is 15 years old.[4]  It has been enabled by default since Windows Server 2003, and in all versions of Internet Explorer 7 or greater.
  - The risk of disabling SSL 3.0 on clients is vanishingly small.
  - The risk of disabling SSL 3.0 on servers is small.
  - Neither change is completely without risk.


Thursday, November 13, 2014

IT Quickie: DiskProbe for Windows 7 / 8 / 8.1 / 2008+ Direct from Microsoft

DiskProbe (DskProbe.exe) is a low-level disk sector editor published by Microsoft.  It was released originally as part of the Windows support tools for Windows NT 4.  It is a really handy tool for rebuilding an erased partition table, fixing a busted MBR, fixing a partition's boot sector, or just poking around on the disk.

Microsoft released versions for NT 4, Windows 2000, Windows 2003, and Windows XP.   Unfortunately, they have not released a version for 2008+, or Windows 7, 8, 8.1+.

Here is how you get a version that will run on Windows 7/8+ 32 and 64 bit, straight from Microsoft, malware free.
This Product can be installed only on Windows XP

  • Next, make a folder.  I chose c:\users\v-elgree\SupportTools
  • Run the downloaded executable with the options to extract the files to the folder you created.
  • WindowsXP-KB838079-SupportTools-ENU.exe /C /T:c:\users\v-elgree\SupportTools
  • Next, we'll extract DskProbe from the Cab files inside that package.
  • expand c:\users\v-elgree\SupportTools\support.cab c:\users\v-elgree\SupportTools -F:DSK*

  • That's it.  Open your folder and there's DskProbe.exe
    • Remember to run it as Administrator.

If you really want to dig into this, take a look at Chapter 12 "File Systems" of the Windows Internals books.  In the current edition this chapter is in the second book. 

The learning curve on using this is steep, and it's as user friendly as an angry porcupine.  You can very easily irreparably lose data with it.  You can also fix a lot of things and be a rock star.

Closing Thought:  
- Backup.  Backup?  Backup!

Thursday, November 6, 2014

IT: Find Empty Directories with PowerShell

Today I was plugging along and got to use some PowerShell from the fine folks over at the PowerShell Tip Blog on TechNet.

It's supposed to return a list of all of the empty directories in a path.
# Lists every directory under C:\Scripts that contains no files (subdirectories are not checked)
$a = Get-ChildItem C:\Scripts -recurse | Where-Object {$_.PSIsContainer -eq $True}
$a | Where-Object {$_.GetFiles().Count -eq 0} | Select-Object FullName

Unfortunately, it really is only returning a list of all the directories with no files in them.  It will happily return a directory that has 100 other directories inside it. :(

This modified code returns a list of no-for-reals-I-mean-it empty directories... And it works!

# Lists only directories under C:\Scripts that contain neither files nor subdirectories
$a = Get-ChildItem C:\Scripts -recurse | Where-Object {$_.PSIsContainer -eq $True}
$a | Where-Object {$_.GetFiles().Count -eq 0 -and $_.GetDirectories().Count -eq 0} | Select-Object FullName

Tuesday, November 4, 2014

Idea: Enabling Transatlantic Autonomous Balloon Flight

In light of my current workload, I am unable to develop a recent idea and present it here for whoever will pick up the torch.

For background, you should have a look at this Wikipedia article:

The problem is that the balloon changes buoyancy because it gets warmer/expands/rises during the day and cooler/shrinks/falls during the evening.  The project team addresses this by dropping liquid ballast during the evening and (IIRC) purging gas during the day.

They made it 90% of the way across the Atlantic before running out of ballast.  That's really cool.

It occurred to me that dropping ballast is really sub-optimal.  What you really want to do here is to dynamically change the density of the craft so that it displaces more or less air depending on the temperature.  There are a couple of ways to do this.  The straightforward solution would be an onboard compressor that can reduce the amount of gas in the flight envelope.  This is not a lightweight or cheap solution.

My gee-whiz moment was the realization that you could store the excess gas as water if you use hydrogen.  When you need additional gas (in the evening), electrolyze it apart in a split cell and route the hydrogen to the flight envelope.

Electrolyzing water to generate gas should get you more bang* for your pound-of-payload weight than just dropping it.
* - Hydrogen pun.

It's also technically feasible, though not easy, to burn** the hydrogen in a controlled way and recapture the water to allow very long (circumnavigation) flight durations.

**Platinum catalyzed combination with atmospheric Oxygen.  Still really hot, but not as hot as a flame.  The hard part is that you have to get rid of the heat to condense the steam into liquid water in a pressurized environment.  It has to be pressurized because the atmospheric pressure is negligible and the liquid water in the electrolytic cell will boil off.

The open feasibility questions are whether our battery technology permits the energy density required for this, and whether, checked against the ideal gas law, a reasonable volume of water in the cell produces a reasonable volume of hydrogen.

Good luck, let me know if you try it.

Book I read: The Case for Mars

Happy Birthday to me!

This morning I finished "The Case for Mars".

This book makes the case that the US had current technology available in 1996 that would enable Human exploration of Mars within 10 years, and Long term colonization within a generation.  It is written with a missionary's zeal, and the author's optimism shines through despite the bureaucracy he faced.

I wish very much that we would have pushed these ideas further during the dot-com boom.

IT: More Local Security Settings in Group Policy

I am working for a customer that wanted me to set up a baseline group policy for their new workstations.  One of the settings they asked for was to disable IP source routing.  There is no out-of-the-box knob to control this with Group Policy.

I was ready to write an .ADMX for it, but I stumbled across another solution.  If you install Microsoft's Security Compliance Manager, there is an MSI that contains a script to add this (and other) settings.

So first download SCM from http://technet.microsoft.com/en-us/library/cc677002.aspx.  I installed version 3.0, not the new Windows 2012 Beta.  Next, Install it.  I received an installer warning related to the version of SQL included.  Despite the warning, it installed successfully on a Windows 8.1 VM with no issues.

Once installed, you can find the .MSI for the script that installs the new settings in
c:\Program Files (x86)\Microsoft Security Compliance Manager\LGPO\LGPO.msi.

Install this MSI package to the machine you use for GPO Management.  SCM is not required on that machine.  Once installed, the final step is to run the vbscript.  Open an administrative command prompt and run these commands.

cd c:\Program Files (x86)\LocalGPO
cscript LocalGPO.wsf /ConfigSCE

That is it.  The new settings are installed.  I do not love this solution, as it creates something else that has to be installed.  In my humble opinion, an ADMX file would be a better solution.  On the other hand it matches the customer's request perfectly and is supported; I'm going with it.

Once installed, you have a couple of dozen shiny new settings in GPMC.  All of these MSS settings are new.