Difference between revisions of "Talk:Testing for SSL-TLS (OWASP-CM-001)"

From OWASP
Jump to: navigation, search
(New page: __TOC__ == Reference/Citation needed == We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".<br> ~~...)
 
(New section: Testing with OpenSSL?)
Line 4: Line 4:
 
We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".<br>
 
We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".<br>
 
[[User:Rick.mitchell|Rick.mitchell]] 10:09, 3 September 2008 (EDT)
 
[[User:Rick.mitchell|Rick.mitchell]] 10:09, 3 September 2008 (EDT)
 +
 +
== Testing with OpenSSL? ==
 +
 +
Vulnerability scanners are mentioned a number of times, determination as to whether LOW or NULL strength ciphers can be used can be accomplished via OpenSSL, for example:
 +
<pre>
 +
openssl s_client -connect www.google.com:443 -cipher NULL
 +
openssl s_client -connect www.google.com:443 -cipher LOW
 +
</pre><br>
 +
[[User:Rick.mitchell|Rick.mitchell]] 12:38, 3 September 2008 (EDT)

Revision as of 11:38, 3 September 2008

Contents


Reference/Citation needed

We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".
Rick.mitchell 10:09, 3 September 2008 (EDT)

Testing with OpenSSL?

Vulnerability scanners are mentioned a number of times, determination as to whether LOW or NULL strength ciphers can be used can be accomplished via OpenSSL, for example:

openssl s_client -connect www.google.com:443 -cipher NULL
openssl s_client -connect www.google.com:443 -cipher LOW

Rick.mitchell 12:38, 3 September 2008 (EDT)