The DROWN Attack: Another SSL Vulnerability
We all know that SSLv2 is supremely broken and not recommended for use on any network, but (surprisingly or not) it's still being used on many web servers today. One of the reasons it's used is ...
Published Mar 01, 2016
Version 1.0
ltwagnon
Ret. Employee
Joined May 15, 2019
David_Remington (Employee), Mar 02, 2016
It is important to note that it *is* possible to configure a BIG-IP to negotiate SSLv2. On all currently supported versions (and indeed even for all versions > 9.0) SSLv2 has not been in the DEFAULT or NATIVE cipher suites. However, up through v11 the product is distributed with a COMPAT suite of ciphers which include SSLv2. Customers who are concerned about this can examine their clientssl profiles to ensure that they do not include the COMPAT or COMPAT+EXP ciphers. If they need assistance determining if their cipher string includes these weak protocols they can use the secret decoder ring starting on page 8 of the SSL Everywhere Recommended Practices Guide: (https://f5.com/Portals/1/Premium/Architectures/RA-SSL-Everywhere-deployment-guide.pdf)
To determine which ciphers are available by version, reference these SOLs:
v10: SOL 11444 (https://support.f5.com/kb/en-us/solutions/public/11000/400/sol11444.html)
v11-12: SOL 13163 (https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html)
-dave
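The check Dave describes (look at every clientssl profile and confirm its cipher string does not pull in COMPAT or COMPAT+EXP) is easy to script. The example below is added here and is not code from the original post or from F5: it parses tmsh "list" output for client-ssl profiles and reports any whose cipher string contains a non-negated token beginning with COMPAT. The four sample profiles are constructed for the example, and the `tmsh list ltm profile client-ssl ciphers` invocation it expects as input is an assumption about the tmsh syntax, not something taken from the post.

```shell
#!/bin/sh
# Added example, not part of the original post or F5's tooling.
# Reads tmsh "list" output for client-ssl profiles on stdin and prints
# "profile: cipher-string" for every profile whose cipher string still
# includes COMPAT or COMPAT+EXP (the suites that carry SSLv2 ciphers).
# A token negated with "!" or "-" (e.g. DEFAULT:!COMPAT) is not flagged.
#
# Assumed real-world usage on a BIG-IP (tmsh syntax is an assumption):
#   tmsh list ltm profile client-ssl ciphers | flag_compat_profiles

flag_compat_profiles() {
  awk '
    # Profile header line, e.g. "ltm profile client-ssl legacy-app {"
    /^ltm profile client-ssl / { name = $4 }

    # Cipher line, e.g. "    ciphers DEFAULT:COMPAT+EXP"
    /^[[:space:]]*ciphers[[:space:]]/ {
      n = split($2, tok, ":")
      for (i = 1; i <= n; i++) {
        # Only a positive COMPAT / COMPAT+EXP token enables the weak suites;
        # "!COMPAT" or "-COMPAT" excludes them and does not match here.
        if (tok[i] ~ /^COMPAT/) { print name ": " $2; break }
      }
    }
  '
}

# Constructed sample input mimicking tmsh output; not real profile data.
SAMPLE_TMSH_OUTPUT='ltm profile client-ssl clientssl {
    ciphers DEFAULT
}
ltm profile client-ssl legacy-app {
    ciphers COMPAT
}
ltm profile client-ssl kiosk {
    ciphers DEFAULT:COMPAT+EXP
}
ltm profile client-ssl hardened {
    ciphers DEFAULT:!COMPAT
}'

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE_TMSH_OUTPUT" | flag_compat_profiles
```

Run against the sample it reports legacy-app and kiosk and stays silent on clientssl and hardened. Parsing the configuration only tells you what the profile would offer; if you want an independent view from the network side you still need a client that can actually speak SSLv2, and most modern OpenSSL builds have it compiled out, so an `openssl s_client -ssl2` probe will fail to negotiate regardless of what the server supports.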