[Bro] Bro 2.5 and FIPS

Weasel, Gary W Jr CIV DISA RE (US) gary.w.weasel2.civ at mail.mil
Thu Dec 8 06:44:34 PST 2016


I'm attempting to run Bro 2.5 on a system that is in FIPS 140-2 compliance mode.  However, any time that I attempt to run anything Bro related, I end up with MD5 Digest errors, such as:

md5_dgst.c(80): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!

Is there any configuration in Bro somewhere that I can change to solve this, where Bro is compatible with a system that's FIPS enabled?  Is that something I would only be able to deal with when compiling Bro from source, or is there a way to run Bro at all in FIPS mode?

- Gary

More information about the Bro mailing list