Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: How to check for SSL1 ?
From: "Sahir Hidayatullah" <sahirh () mielesecurity com>
Date: Thu, 29 Sep 2005 14:12:41 +0530 (IST)

Hi Thomas,
Foundstone has a free tool called SSL Digger which basically does what
you're looking for -- identify the cipher suites supported by a particular
SSL connection. It is also fairly descriptive about why certain
ciphersuites are weak etc.

If I remember correctly it will do SSL1. You can get it here:
http://www.foundstone.com/resources/proddesc/ssldigger.htm

Cheers,

Sahir Hidayatullah
------------------
Technical Consultant - Information Security
MIEL e-Security Pvt. Ltd.


I hacked together an SSL-Checker (see a public version at
http://serversniff.net/sslcheck.php) to check ssl-servers for supported
protocols and ciphers. While the script is able to check for SSL2, SSL3,
TLS1.0 and TLS1.1, I'm still looking for a software that is capable of
checking servers for the ancient SSL1.
Can anybody help me with a software that supports ssl1-connections?

I also think to remember that there used to be other ancient
secure-protocols supported by common servers - any hints on this?

Thanks for any hints,

Thomas

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------





------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault