policy/protocols/ssl/weak-keys.bro

SSL

Generate notices when SSL/TLS connections use certificates, DH parameters, or cipher suites that are deemed to be insecure.

Namespace:SSL
Imports:base/frameworks/notice, base/protocols/ssl, base/utils/directions-and-hosts.bro
Source File:/scripts/policy/protocols/ssl/weak-keys.bro

Summary

Runtime Options

SSL::notify_dh_length_shorter_cert_length: bool &redef Warn if the DH key length is smaller than the certificate key length.
SSL::notify_minimal_key_length: count &redef The minimal key length in bits that is considered to be safe.
SSL::notify_weak_keys: Host &redef The category of hosts you would like to be notified about which are using weak keys/ciphers/protocol_versions.
SSL::tls_minimum_version: count &redef Warn if a server negotiates a SSL session with a protocol version smaller than the specified version.
SSL::unsafe_ciphers_regex: pattern &redef Warn if a server negotiates an unsafe cipher suite.

Redefinitions

Notice::Type: enum  

Detailed Interface

Runtime Options

SSL::notify_dh_length_shorter_cert_length
Type:bool
Attributes:&redef
Default:T

Warn if the DH key length is smaller than the certificate key length. This is potentially unsafe because it gives a wrong impression of safety due to the certificate key length. However, it is very common and cannot be avoided in some settings (e.g. with old jave clients).

SSL::notify_minimal_key_length
Type:count
Attributes:&redef
Default:2048

The minimal key length in bits that is considered to be safe. Any shorter (non-EC) key lengths will trigger a notice.

SSL::notify_weak_keys
Type:Host
Attributes:&redef
Default:LOCAL_HOSTS

The category of hosts you would like to be notified about which are using weak keys/ciphers/protocol_versions. By default, these notices will be suppressed by the notice framework for 1 day after a particular host has had a notice generated. Choices are: LOCAL_HOSTS, REMOTE_HOSTS, ALL_HOSTS, NO_HOSTS

SSL::tls_minimum_version
Type:count
Attributes:&redef
Default:769

Warn if a server negotiates a SSL session with a protocol version smaller than the specified version. By default, the minimal version is TLSv10 because SSLv2 and v3 have serious security issued. See https://tools.ietf.org/html/draft-thomson-sslv3-diediedie-00 To disable, set to SSLv20

SSL::unsafe_ciphers_regex
Type:pattern
Attributes:&redef
Default:
/^?((_EXPORT_)|(_RC4_))$?/

Warn if a server negotiates an unsafe cipher suite. By default, we only warn when encountering old export cipher suites, or RC4 (see RFC7465).

Copyright 2016, The Bro Project. Last updated on January 10, 2019. Created using Sphinx 1.7.5.