SSLScan
Need to assess your SSL/TLS-enabled webserver to ensure that it is configured securely? Use SSLScan.
commandrine@bridge:~$ sslscan 10.10.10.12
It is an accurate and fast scanner. As seen in the extracted output below, it determines that my test webserver supports the weak SSLv2.
Testing SSL server 10.10.10.12 on port 443
Supported Server Cipher(s):
Accepted SSLv2 168 bits DES-CBC3-MD5
Accepted SSLv2 56 bits DES-CBC-MD5
Accepted SSLv2 40 bits EXP-RC2-CBC-MD5
Accepted SSLv2 128 bits RC2-CBC-MD5
Accepted SSLv2 40 bits EXP-RC4-MD5
Accepted SSLv2 128 bits RC4-MD5
commandrine@bridge:~$ sslscan 10.10.10.12
It is an accurate and fast scanner. As seen in the extracted output below, it determines that my test webserver supports the weak SSLv2.
Testing SSL server 10.10.10.12 on port 443
Supported Server Cipher(s):
Accepted SSLv2 168 bits DES-CBC3-MD5
Accepted SSLv2 56 bits DES-CBC-MD5
Accepted SSLv2 40 bits EXP-RC2-CBC-MD5
Accepted SSLv2 128 bits RC2-CBC-MD5
Accepted SSLv2 40 bits EXP-RC4-MD5
Accepted SSLv2 128 bits RC4-MD5
Comments
Post a Comment