Friday, September 11, 2009

SSLScan

Need to assess your SSL/TLS-enabled webserver to ensure that it is configured securely? Use SSLScan.

commandrine@bridge:~$ sslscan 10.10.10.12

It is an accurate and fast scanner. As seen in the extracted output below, it determines that my test webserver supports the weak SSLv2.

Testing SSL server 10.10.10.12 on port 443

Supported Server Cipher(s):
Accepted SSLv2 168 bits DES-CBC3-MD5
Accepted SSLv2 56 bits DES-CBC-MD5
Accepted SSLv2 40 bits EXP-RC2-CBC-MD5
Accepted SSLv2 128 bits RC2-CBC-MD5
Accepted SSLv2 40 bits EXP-RC4-MD5
Accepted SSLv2 128 bits RC4-MD5

No comments:

Post a Comment