mailing list archives
Athena SSL Cipher Check v0.6.2
From: Darren McDonald <athena () dmcdonald net>
Date: Wed, 5 Jan 2011 22:12:46 +0000
Athena SSL Cipher Check has been updated to version 0.6.2, and
contains some important bug fixes.
Download it from http://dmcdonald.net/athena-ssl-cipher-check_v062.tar.gz
athena-ssl-cipher-check is an SSL Cipher scanner. Unlike most
scanners, rather than scanning the
few ciphers openssl supports, it checks for every possible cipher by
enumerating all 65536 cipher codes.
Id recommended runnning it along another checker, as while athena is
becoming more reliable, I imagine there are some more bugs out there.
Athena's rather aggressive implementation of SSL/TLS can sometimes
break stuff, dont run it against critical live infrastructure! :)
I'd be greatful for any bugs/comments you have.
26 Aug 2010 - Update v0.521
* It appears I left a bit of debug code which outputed '*' symbols.
v0.521 should fix this
8 Sept 2010 - Update v0.53
* The time it takes Athena to run has been reduced by about 20-50%
* A bug where Athena incorrectly reported it was scanning first and
even if they were options has been corrected
27 Oct 2010 - Update v0.6
* Bug fixed which sometimes prevented athena from seeing some sslv2 ciphers
* Includes a client side cipher checker
* Can now identify over 200 cipher codes
5 Jan 2011 - Update v0.62
* Bug fixed which sometimes prevents athena seeing some ciphers (thanks Dom)
* Bug fixed which sometimes caused athena to erronously report known
ciphers as unknown
* --lazy mode added which advises on which ciphers to disable (Thanks
to other Dom)
* --safe mode which allows athena to work with webservers which do not
follow the RFCs and ignore the first ciphersuite size byte.
* General code tidy
* Added another SSLv2 cipher (8 total)
* Can now identify 215 SSLv3/TLSv1 Ciphers
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Athena SSL Cipher Check v0.6.2 Darren McDonald (Jan 05)