Anatomy of a custom cipher jetPACK, and some examples
What is a Cipher jetPACK?
A jetPACK is a small text file comprising configuration instructions for the EdgeADC. A jetPACK could be anything from a Cipher to a configuration setting. jetPACKS are very easy to create, but please ensure you know what you are doing when you create one. If in any doubt, please email Edgenexus Support.
Anatomy of a Cipher jetPACK
Let’s take a look at a jetPACK.
#!jetpack
[jetnexusdaemon-cipher-No_SSLv3_No_TLSv1_No_TLSv1.1_No_RC4_No_CBC-strong]
Cipher="ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:HIGH:!3DES:!aNULL:!MD5:!DSS:!MD5:!aNULL:!EDH:!RC4:!SHA1:!SHA256:!SHA384"
Cipher1=""
Cipher2=""
CipherOptions="NO_SSLv3,NO_TLSv1,NO_TLSv1.1,CIPHER_SERVER_PREFERENCE"
Description="No-TLSv1 No-TLSv1.1 No-SSLv3 No-RC4 No-CBC strong"jetPACK examples
Strong Ciphers
This will add the ability to choose “Strong Ciphers” from the Cipher options list.
Cipher = ALL:RC4+RSA:+RC4:+HIGH:!DES-CBC3-SHA:!SSLv2:!ADH:!EXP:!ADHexport:!MD5
#!jetpack [jetnexusdaemon-cipher-No_SSLv3_No_TLSv1_No_RC4_stronger] Cipher="ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:HIGH:!3DES:!aNULL:!MD5:!DSS:!MD5:!aNULL:!EDH:!RC4" Cipher1="" Cipher2="" CipherOptions="NO_SSLv3,NO_TLSv1,CIPHER_SERVER_PREFERENCE" Description="No-TLSv1 No-SSLv3 No-RC4-stronger"
Anti-Beast
This will add the ability to choose “Anti Beast” from the Cipher Options list.
Cipher = ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
#!update
[jetnexusdaemon-cipher-antiBEAST]
Cipher="ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH"
CipherOptions="CIPHER_SERVER_PREFERENCE"
CipherSuppressVersionAll=
Description="Anti Beast"
No SSLv3
This will add the ability to choose “No SSLv3” from the Cipher Options list.
Cipher = ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!MD5:!aNULL:!EDH:!RC4
#!update [jetnexusdaemon-cipher-NOSSLv3] Cipher="ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!MD5:!aNULL:!EDH:!RC4" Cipher1="" Cipher2="" CipherOptions="NO_SSLv3,CIPHER_SERVER_PREFERENCE" Description="No SSLv3"
No SSLv3 No TLSv1 No RC4
This will add the ability to choose “No-TLSv1 No-SSLv3 No-RC4” from the Cipher Options list.
Cipher = ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!MD5:!aNULL:!EDH:!RC4
#!update [jetnexusdaemon-cipher-No-SSLv3-No-TLSv1-No-RC4] Cipher="ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!MD5:!aNULL:!EDH:!RC4" Cipher1="" Cipher2="" CipherOptions="NO_SSLv3,NO_TLSv1,CIPHER_SERVER_PREFERENCE" Description="No-TLSv1 No-SSLv3 No-RC4"
No TLSv1
This will add the ability to choose “NO_TLSv1.1” from the Cipher Options list.
Cipher= ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128: DH+AES:RSA+AESGCM:RSA+AES:HIGH:!3DES:!aNULL:!MD5:!DSS:!MD5:!aNULL:!EDH:!RC4
#!jetpack [cipher-No-SSLv3-No-TLSv1.0-v1.1-No-RC4-strong] Cipher="ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:HIGH:!3DES:!aNULL:!MD5:!DSS:!MD5:!aNULL:!EDH:!RC4" Cipher1="" Cipher2="" CipherOptions="NO_SSLv3,NO_TLSv1,NO_TLSv1.1,CIPHER_SERVER_PREFERENCE" Description="No-TLSv1 v1.1 No-SSLv3 No-RC4-strong"