Friday, September 11, 2009


Need to assess your SSL/TLS-enabled webserver to ensure that it is configured securely? Use SSLScan.

commandrine@bridge:~$ sslscan

It is an accurate and fast scanner. As seen in the extracted output below, it determines that my test webserver supports the weak SSLv2.

Testing SSL server on port 443

Supported Server Cipher(s):
Accepted SSLv2 168 bits DES-CBC3-MD5
Accepted SSLv2 56 bits DES-CBC-MD5
Accepted SSLv2 40 bits EXP-RC2-CBC-MD5
Accepted SSLv2 128 bits RC2-CBC-MD5
Accepted SSLv2 40 bits EXP-RC4-MD5
Accepted SSLv2 128 bits RC4-MD5

No comments:

Post a Comment