Table of Contents for
Network Security Assessment, 3rd Edition

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Network Security Assessment, 3rd Edition by Chris McNab Published by O'Reilly Media, Inc., 2016
  1. nav
  2. Cover
  3. Network Security Assessment
  4. Network Security Assessment
  5. section
  6. Preface
  7. 1. Introduction to Network Security Assessment
  8. 2. Assessment Workflow and Tools
  9. 3. Vulnerabilities and Adversaries
  10. 4. Internet Network Discovery
  11. 5. Local Network Discovery
  12. 6. IP Network Scanning
  13. 7. Assessing Common Network Services
  14. 8. Assessing Microsoft Services
  15. 9. Assessing Mail Services
  16. 10. Assessing VPN Services
  17. 11. Assessing TLS Services
  18. 12. Web Application Architecture
  19. 13. Assessing Web Servers
  20. 14. Assessing Web Application Frameworks
  21. 15. Assessing Data Stores
  22. A. Common Ports and Message Types
  23. B. Sources of Vulnerability Information
  24. C. Unsafe TLS Cipher Suites
  25. Glossary of Terms
  26. Index
  27. About the Author
  28. Colophon

Appendix C. Unsafe TLS Cipher Suites

TLS implementations are often found to support weak cipher suites. Adversaries with network access can exploit vulnerabilities within these to decrypt ciphertext via man-in-the-middle in particular. The suites listed in Tables C-1 through C-3 lack authentication (anonymous ciphers), perform symmetric encryption using no key (null ciphers), and operate in an exploitable manner (export-grade ciphers). As such, they should be avoided and not exist within modern environments.

Table C-1. TLS anonymous cipher suites
Code Name Code Name
0x0017 TLS_DH_Anon_EXPORT_WITH_RC4_40_MD5 0x0089 TLS_DH_Anon_WITH_CAMELLIA_256_CBC_SHA
0x0018 TLS_DH_Anon_WITH_RC4_128_MD5 0x009B TLS_DH_Anon_WITH_SEED_CBC_SHA
0x0019 TLS_DH_Anon_EXPORT_WITH_DES40_CBC_SHA 0x00A6 TLS_DH_Anon_WITH_AES_128_GCM_SHA256
0x001A TLS_DH_Anon_WITH_DES_CBC_SHA 0x00A7 TLS_DH_Anon_WITH_AES_256_GCM_SHA384
0x001B TLS_DH_Anon_WITH_3DES_EDE_CBC_SHA 0xC015 TLS_ECDH_Anon_WITH_NULL_SHA
0x0034 TLS_DH_Anon_WITH_AES_128_CBC_SHA 0xC016 TLS_ECDH_Anon_WITH_RC4_128_SHA
0x003A TLS_DH_Anon_WITH_AES_256_CBC_SHA 0xC017 TLS_ECDH_Anon_WITH_3DES_EDE_CBC_SHA
0x0046 TLS_DH_Anon_WITH_CAMELLIA_128_CBC_SHA 0xC018 TLS_ECDH_Anon_WITH_AES_128_CBC_SHA
0x006C TLS_DH_Anon_WITH_AES_128_CBC_SHA256 0xC019 TLS_ECDH_Anon_WITH_AES_256_CBC_SHA
0x006D TLS_DH_Anon_WITH_AES_256_CBC_SHA256  
Table C-2. TLS null cipher suites
Code Name Code Name
0x0000 TLS_NULL_WITH_NULL_NULL 0x00B4 TLS_DHE_PSK_WITH_NULL_SHA256
0x0001 TLS_RSA_WITH_NULL_MD5 0x00B5 TLS_DHE_PSK_WITH_NULL_SHA384
0x0002 TLS_RSA_WITH_NULL_SHA 0x00B8 TLS_RSA_PSK_WITH_NULL_SHA256
0x002C TLS_PSK_WITH_NULL_SHA 0x00B9 TLS_RSA_PSK_WITH_NULL_SHA384
0x002D TLS_DHE_PSK_WITH_NULL_SHA 0xC006 TLS_ECDHE_ECDSA_WITH_NULL_SHA
0x002E TLS_RSA_PSK_WITH_NULL_SHA 0xC00B TLS_ECDH_RSA_WITH_NULL_SHA
0x003B TLS_RSA_WITH_NULL_SHA256 0xC010 TLS_ECDHE_RSA_WITH_NULL_SHA
0x0047 TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC015 TLS_ECDH_Anon_WITH_NULL_SHA
0x0082 TLS_GOSTR341094_WITH_NULL_GOSTR3411 0xC039 TLS_ECDHE_PSK_WITH_NULL_SHA
0x0083 TLS_GOSTR341001_WITH_NULL_GOSTR3411 0xC03A TLS_ECDHE_PSK_WITH_NULL_SHA256
0x00B0 TLS_PSK_WITH_NULL_SHA256 0xC03B TLS_ECDHE_PSK_WITH_NULL_SHA384
0x00B1 TLS_PSK_WITH_NULL_SHA384  
Table C-3. TLS export-grade cipher suites
Code Name Code Name
0x0003 TLS_RSA_EXPORT_WITH_RC4_40_MD5 0x0029 TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
0x0006 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x002A TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5
0x0008 TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 0x002B TLS_KRB5_EXPORT_WITH_RC4_40_MD5
0x000B TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0060 TLS_RSA_EXPORT1024_WITH_RC4_56_MD5
0x000E TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0061 TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
0x0011 TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0062 TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
0x0014 TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0063 TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
0x0026 TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA 0x0064 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
0x0027 TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA 0x0065 TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA
0x0028 TLS_KRB5_EXPORT_WITH_RC4_40_SHA