Secure apache against CVE-2011-3389 aka Beast attack

During the summer rumours about a new attack against SSL started circulating (CVE-2011-3389).
As it turns out, the attack itself was conceived years ago, deemed impractical, but it was nevertheless fixed in TLS 1.1. The new attack technique introduced a few optimizations to make it practical.

In terms of mitigation, I expect this problem will be largely addressed on the client side, despite a potential compatibility problem that may cause some TLS sites to stop working.

With this config you can avoid that attack.

SSLProtocol all -SSLv2
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM:!SSLV2:!eNULL

#NO Longer needed cause since IE 7 this works ;) 
#SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

With OpenSSL 1.0.1 it must be

SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

7 thoughts on “Secure apache against CVE-2011-3389 aka Beast attack

  1. Well I haven’t figured out how to use 256 bit again. This leaves only 128 bit.

  2. The Problem is in the CBC mode of all Block Chiffres. So the fix is to prefer RC4-128-SHA (which is a stream chiffre). I dont see how AES256 would help.

    BTW: PReferences for RC4 is a Google.com default for years. Not only because it is low cpu.

    Bernd

  3. Oh I actually found the answer, the AES256 are supposed to be TLSv1.2 ciphers (which is not supported by OpenSSL yet). with TLS 1.2 it is not vulnerable, of course.

  4. With OpenSSL 1.0.
    it must be
    SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

  5. what about this line?
    SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown

    adding this in causes all IE browsers to not use keepalive resulting in slower load times for all requests (not just SSL ones) is there a solution to this issue? i’ve searched and tried wrapping it in IFmodule mod_ssl.c tags but that didnt work.

    then i tried this instead, it works but not sure its proper
    BrowserMatch “MSIE [1-4]” nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    BrowserMatch “MSIE [5-9]” ssl-unclean-shutdown

    Thoughts?

    John

    1. That is not needed anymore. From IE 7 on IE supports keep Alive with
      SSL and apache. So kick that out of the apache config.

Leave a Reply

Your email address will not be published. Required fields are marked *