msgbartop
MAC OS X, Linux, Windows and other IT Tips and Tricks
msgbarbottom

09 Mar 16 Testing SSL Connections with SSLyze, Nmap or OpenSSL

Introduction:
OpenSSL is a great tool to check SSL connections to servers. The difficulty here is when one want a full scan of all possible SSL Cyphers and protocols used by a server. That is where SSLyze comes in handy. This tool is a Python script which will scan the target host/port for SSL handshake and report what works/support and what not. Unfortunately this lovely tool is not included in the Ubuntu/Debian distributions, and this is where this post comes handy.

IMPORTANT: Besides executing all the tests below one thing very important (as noted in the This link) is to upgrade OpenSSL to the latest version as follows:
OpenSSL 1.0.2 users should upgrade to 1.0.2g
OpenSSL 1.0.1 users should upgrade to 1.0.1s

SSLyze

Installing the dependencies and tool
cd /root/bin
wget https://github.com/nabla-c0d3/sslyze/archive/0.13.4.tar.gz
tar fvxz 0.13.4.tar.gz
apt-get install python-pip python-dev
pip install nassl

Using SSLyze
python /root/bin/sslyze-0.13.4/sslyze_cli.py --regular www.itmatrix.eu:443

NMAP

Scanning the full server for weaknesses including weak SSL Versions using NMAP.
Note: This operation can take a long time to execute.
apt-get install nmap
nmap -sV -sC www.itmatrix.eu

OR better(for checking the HTTPS,SMTPS,IMAPS,POP3S)
nmap --script ssl-cert,ssl-enum-ciphers -p 443,465,993,995 www.itmatrix.eu

OpenSSL

Checking the SSL connection with OpenSSL
echo 'q' | openssl s_client -host www.itmatrix.eu -port 443
Note: In this above case since the SSLv2 support is normally disabled for OpenSSL in Debian/Ubuntu distributions, you will not be able to see if the server is supporting it. To overcome this and enable SSLv2 support(for your testing Linux) then follow the instructions in this site:
http://www.hackwhackandsmack.com/?p=46

NOTE:
For more information regarding protection against DROWN(SSLv2) or POODLE(SSLv3) attacks see:
https://drownattack.com
http://www.softwaresecured.com/2016/03/01/how-to-confirm-whether-you-are-vulnerable-to-the-drown-attack/
http://www.mogilowski.net/lang/de-de/2014/10/23/disabling-sslv3-for-poodle-on-debian/
https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers,_Insufficient_Transport_Layer_Protection_%28OTG-CRYPST-001%29
https://zmap.io/sslv3/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: