
My znc's SSL port is not 443. Various SSL vulnerability tests on the web work only on port 443.

The znc SSL port serves a web server and an IRC bouncer simultaneously.

How can I test whether the znc SSL port is not vulnerable to SSL vulnerabilities like logjam, poodle, freak, and so on?

You can test your SSL connection by using the openssl and nmap tools.

Heartbleed

openssl version

Your OpenSSL installation is vulnerable to Heartbleed if the version output is one of these values: 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1 source

As pointed out in the comments below, just checking the version might give you a false positive, as most distributions offer security patches which don't change the version of openssl.

I found this answer on Server Fault to check for Heartbleed:

openssl s_client -connect example.com:443 -tlsextdebug 2>&1 | grep 'server extension "heartbeat" (id=15)' || echo safe

Poodle

openssl s_client -connect example.com:443 -ssl3

If you get something like this

3073927320:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1258:SSL alert number 40
3073927320:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:

everything is ok. source

Logjam

openssl s_client -connect example.com:443 -cipher "EDH" | grep -E "Server (public key|Temp Key)"

This should output two lines:

"Server public key is 4096 bit" is your RSA Key size.

"Server Temp Key: DH, 4096 bits" is your DH-Parameter size.

If this is 1024 bits or lower you need to upgrade your configuration.

source

Freak

I have found no way to test against the FREAK attack by just using openssl. You can use nmap instead.

nmap --script ssl-enum-ciphers -p 443 example.com | grep EXPORT -l | wc -l

Prints 1 for vulnerable and 0 for clean.

source

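The checks in the answer above, pointed at an arbitrary host and port instead of 443, as an added example that is not part of either answer. The function names, the constructed sample output, the placeholder `irc.example.com 6697` and the use of `-cipher EDH` to request a DHE suite are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify `openssl s_client` output from a TLS port other than 443.

# classify: read s_client output on stdin, print one finding per line.
# Match strings and the 1024-bit threshold are the ones quoted in the answer.
classify() {
  awk '
    /server extension "heartbeat" \(id=15\)/ { print "heartbeat-advertised" }
    /sslv3 alert handshake failure/          { print "sslv3-refused" }
    /^Server Temp Key: DH,/ {
      bits = $5 + 0                 # e.g. "Server Temp Key: DH, 4096 bits"
      verdict = (bits <= 1024) ? "weak-dh:" : "ok-dh:"
      print verdict bits
    }
    /^Server Temp Key: / && !/: DH,/ { print "non-dh-key-exchange" }
  '
}

# probe HOST PORT: run three s_client checks against any port and classify
# each run separately. "-cipher EDH" (request a DHE suite) is this example's choice.
probe() {
  target="$1:$2"
  for args in "-tlsextdebug" "-ssl3" "-cipher EDH"; do
    printf '%s => ' "$args"
    # $args is left unquoted on purpose so "-cipher EDH" splits into two words
    openssl s_client -connect "$target" $args </dev/null 2>&1 | classify | tr '\n' ' '
    echo
  done
}

# Constructed sample (not captured from a real server) so the parser runs offline.
sample_output() {
  cat <<'EOF'
TLS server extension "heartbeat" (id=15), len=1
Server public key is 2048 bit
Server Temp Key: DH, 1024 bits
EOF
}

sample_output | classify
# On a live service: probe irc.example.com 6697   (placeholder host and port)
```

An empty result for the `-ssl3` run means neither a refusal nor a temp key was seen, which also happens when the local openssl build has no SSLv3 support, so read the raw output in that case. `heartbeat-advertised` only reports that the extension is offered, not that the server is unpatched.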

Try testssl.sh. Great tool that can be run from command line and give pretty much the same output as ssllabs.com (though without browser info unfortunately), but not limited by port or to public facing websites.

Note this is a shell script which, as I understand it from a quick look at the source, basically wraps all the openssl commands that knowhy has suggested in his answer and more into one nice, easy to use, script.
