weak-keys.zeek¶

SSL¶

Generate notices when SSL/TLS connections use certificates, DH parameters, or cipher suites that are deemed to be insecure.

Namespace:	SSL
Imports:	base/frameworks/notice, base/protocols/ssl, base/utils/directions-and-hosts.zeek

Summary¶

Runtime Options¶

`SSL::notify_dh_length_shorter_cert_length`: `bool` `&redef`	Warn if the DH key length is smaller than the certificate key length.
`SSL::notify_minimal_key_length`: `count` `&redef`	The minimal key length in bits that is considered to be safe.
`SSL::notify_weak_keys`: `Host` `&redef`	The category of hosts you would like to be notified about which are using weak keys/ciphers/protocol_versions.
`SSL::tls_minimum_version`: `count` `&redef`	Warn if a server negotiates a SSL session with a protocol version smaller than the specified version.
`SSL::unsafe_ciphers_regex`: `pattern` `&redef`	Warn if a server negotiates an unsafe cipher suite.

Redefinitions¶

Notice::Type: enum

Detailed Interface¶

Runtime Options¶

SSL::notify_dh_length_shorter_cert_length¶

Type:	`bool`
Attributes:	`&redef`
Default:	`T`

Warn if the DH key length is smaller than the certificate key length. This is potentially unsafe because it gives a wrong impression of safety due to the certificate key length. However, it is very common and cannot be avoided in some settings (e.g. with old jave clients).

SSL::notify_minimal_key_length¶

Type:	`count`
Attributes:	`&redef`
Default:	`2048`

The minimal key length in bits that is considered to be safe. Any shorter (non-EC) key lengths will trigger a notice.

SSL::notify_weak_keys¶

Type:	`Host`
Attributes:	`&redef`
Default:	`LOCAL_HOSTS`

The category of hosts you would like to be notified about which are using weak keys/ciphers/protocol_versions. By default, these notices will be suppressed by the notice framework for 1 day after a particular host has had a notice generated. Choices are: LOCAL_HOSTS, REMOTE_HOSTS, ALL_HOSTS, NO_HOSTS

SSL::tls_minimum_version¶

Type:	`count`
Attributes:	`&redef`
Default:	`769`

Warn if a server negotiates a SSL session with a protocol version smaller than the specified version. By default, the minimal version is TLSv10 because SSLv2 and v3 have serious security issued. See https://tools.ietf.org/html/draft-thomson-sslv3-diediedie-00 To disable, set to SSLv20

SSL::unsafe_ciphers_regex¶

Type:	`pattern`
Attributes:	`&redef`
Default:	/^?((_EXPORT_)\|(_RC4_))$?/

Warn if a server negotiates an unsafe cipher suite. By default, we only warn when encountering old export cipher suites, or RC4 (see RFC7465).