
"Logjam", the HTTPS-crippling attack vulnerability

Update on “Logjam” HTTPS-crippling attack vulnerability

Important announcement about the security of your Sonian Archive Account

On 20th May 2015 a security vulnerability was discovered which required immediate action on our part to review and address. No data was compromised, but our updates may require action and testing on your part to continue secure communication. Full details below.

Published details on the vulnerability can be found here:

Sonian considers data security its primary responsibility, and we want to make you aware of a recent security issue affecting internet communications, nicknamed ‘Logjam’. On Wednesday 20th May, this vulnerability, which potentially affects tens of thousands of HTTPS-protected websites, mail servers, and other widely used Internet services, was discovered. A team of computer scientists has determined that Logjam renders these servers and services vulnerable to a new attack that lets eavesdroppers read and modify data passing through encrypted connections.

What Sonian has done.

We are currently preparing our environments to be updated with patches that will protect the services from this vulnerability.

Based on industry recommendations, we are limiting the ciphersuites that Sonian will support.  

What you should do.

Please review the suites listed below to identify if any match your environments. If you utilise ciphersuites not listed, we may not be able to communicate securely.

                        TLS_DHE_DSS_WITH_AES_128_CBC_SHA

                        TLS_DHE_RSA_WITH_AES_128_CBC_SHA

                        TLS_DHE_DSS_WITH_AES_256_CBC_SHA

                        TLS_DHE_RSA_WITH_AES_256_CBC_SHA

                        TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA

                        TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA

                        TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

                        TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

                        TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

                        TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

                        TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA

                        TLS_ECDH_RSA_WITH_AES_128_CBC_SHA

                        TLS_ECDH_RSA_WITH_AES_256_CBC_SHA

                        TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

                        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

                        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

                        TLS_RSA_WITH_AES_128_CBC_SHA

                        TLS_RSA_WITH_AES_256_CBC_SHA

                        TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

                        TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

 

As we apply the relevant patches, we will ask you to perform various tests to ensure that your infrastructures continue to be compatible.

Our SMTP acceptance gateways are due to be patched. Please be advised that we will ask you to thoroughly test the delivery mechanism for submitting journaled data to customer accounts.

To aid this, we will ask you to perform journal delivery tests against a pre-configured account that Sonian has generated on your behalf.

When you attempt to submit sample journal data to the test account, you must ensure that forced TLS is applied for the journaled SMTP delivery.  Do not allow the messages to be delivered utilising opportunistic TLS, as this will not identify any potential issues surrounding the security of the data during transit.
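The difference between forced and opportunistic TLS can be shown with a short delivery test. This is an added example, not Sonian's code; the function name `send_forced_tls`, the host and the addresses are placeholders to be replaced with the test account details.

```python
import smtplib
import ssl


class TLSRequiredError(Exception):
    """Raised instead of falling back to cleartext delivery."""


def send_forced_tls(smtp, sender, recipient, message, context=None):
    """Send one message over an open SMTP session, refusing to send without TLS.

    Opportunistic delivery would carry on in cleartext when STARTTLS is not
    offered or the handshake fails. Here either condition aborts before the
    message is submitted, so a ciphersuite mismatch shows up as an error.
    """
    context = context or ssl.create_default_context()  # verifies the certificate
    smtp.ehlo()
    if not smtp.has_extn("starttls"):
        raise TLSRequiredError("server did not advertise STARTTLS")
    try:
        smtp.starttls(context=context)
    except (ssl.SSLError, smtplib.SMTPException) as exc:
        # For example: no ciphersuite in common with the gateway.
        raise TLSRequiredError(f"TLS negotiation failed: {exc}") from exc
    smtp.ehlo()  # capabilities must be re-read over the encrypted channel
    return smtp.sendmail(sender, recipient, message)  # {} means all accepted


if __name__ == "__main__":
    # Placeholder host and addresses (assumptions, not values from this notice).
    sample = "Subject: journal delivery test\r\n\r\nsample journal data"
    with smtplib.SMTP("smtp.example.invalid", 25, timeout=30) as session:
        refused = send_forced_tls(
            session, "journal@example.invalid", "test-account@example.invalid", sample
        )
        print("refused recipients:", refused)
```
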

Please feel free to raise any feedback or concerns in the Sonian support ticketing service.

 
