Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bmekler
New Contributor III

ROBOT vulnerability mitigation?

I have a 100D running 5.4.8 with an HTTPS type virtual server VIP, and https://www.ssllabs.com/ssltest/analyze.html is marking the site in question as vulnerable to ROBOT (Return of Bleichenbacher's Oracle Threat) attack. The VIP settings are currently set as follows:

 

        set ssl-mode full         set ssl-dh-bits 2048         set ssl-algorithm high         set ssl-server-algorithm client         set ssl-pfs allow         set ssl-min-version tls-1.0         set ssl-max-version tls-1.2         set ssl-server-min-version client         set ssl-server-max-version client         set ssl-send-empty-frags enable         set ssl-client-fallback enable         set ssl-client-renegotiation secure         set ssl-client-session-state-type both         set ssl-client-session-state-timeout 30         set ssl-client-session-state-max 1000         set ssl-server-session-state-type both         set ssl-server-session-state-timeout 60         set ssl-server-session-state-max 100

Fortinet's official advisory is that FortiOS is not affected ( https://fortiguard.com/psirt/FG-IR-17-302%20 ) - is this a false positive on the part of SSLLabs, or is it true, and if yes, what can be done to mitigate it?

1 REPLY 1
boneyard
Valued Contributor

did you open a ticket with support? in principle it seems RSA ciphers are vulnerable and those are offered with a normal virtual server.

 

mitigation is possible to selecting non RSA ciphers

 

config firewall vip     edit "vsrv-name"         …         …         set ssl-algorithm custom         config ssl-cipher-suites             edit 1                 set cipher TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA             next             edit 2                 set cipher TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256             next             edit 3                 set cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256             next             edit 4                 set cipher TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA             next             edit 5                 set cipher TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384             next             edit 6                 set cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384             next             edit 7                 set cipher TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA             next             edit 8                 set cipher TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256             next             edit 9                 set cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256             next             edit 10                 set cipher TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384             next             edit 11                 set cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384             next             edit 12                 set cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA             next             edit 13                 set cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA             next             edit 14                 set cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA256             next             edit 15                 set cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256             next             edit 16                 set cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA256             next             edit 17                 set cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384             next         end         ssl-client-renegotiation secure     next end

gets you a A on ssl labs

Top Kudoed Authors