Re: How to check for SSL1 ?
From: Sahir Hidayatullah (sahirh_at_mielesecurity.com)
Date: 09/29/05
- Previous message: email_at_neelsaxena.com: "Re: Vulnerability assessment for small business"
- In reply to: Thomas Springer: "How to check for SSL1 ?"
- Next in thread: Thomas Springer: "Re: How to check for SSL1 ?"
- Reply: Thomas Springer: "Re: How to check for SSL1 ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 Sep 2005 14:12:41 +0530 (IST) To: "Thomas Springer" <tuevsec@gmx.net>
Hi Thomas,
Foundstone has a free tool called SSL Digger which basically does what
you're looking for -- identify the cipher suites supported by a particular
SSL connection. It is also fairly descriptive about why certain
ciphersuites are weak etc.
If I remember correctly it will do SSL1. You can get it here:
http://www.foundstone.com/resources/proddesc/ssldigger.htm
Cheers,
Sahir Hidayatullah
------------------
Technical Consultant - Information Security
MIEL e-Security Pvt. Ltd.
> I hacked together an SSL-Checker (see a public version at
> http://serversniff.net/sslcheck.php) to check ssl-servers for supported
> protocols and ciphers. While the script is able to check for SSL2, SSL3,
> TLS1.0 and TLS1.1, I'm still looking for a software that is capable of
> checking servers for the ancient SSL1.
> Can anybody help me with a software that supports ssl1-connections?
>
> I also think to remember that there used to be other ancient
> secure-protocols supported by common servers - any hints on this?
>
> Thanks for any hints,
>
> Thomas
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
- Previous message: email_at_neelsaxena.com: "Re: Vulnerability assessment for small business"
- In reply to: Thomas Springer: "How to check for SSL1 ?"
- Next in thread: Thomas Springer: "Re: How to check for SSL1 ?"
- Reply: Thomas Springer: "Re: How to check for SSL1 ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
