[Ach] SSLyze / GnuTLS
christian mock
cm at coretec.at
Fri Nov 22 18:31:27 CET 2013
On Thu, Nov 21, 2013 at 05:53:01PM -0500, Michael Zeltner wrote:
> It seems quite useful for auditing, similar to that nmap script, but it
> supports STARTTLS. It gives the following output for the currently proposed
> Postfix configuration:
>
> Accepted Cipher Suite(s):
> EXP-ADH-RC4-MD5 Anon 250 2.0.0 Ok
> AECDH-RC4-SHA Anon 250 2.0.0 Ok
> AECDH-DES-CBC3-SHA Anon 250 2.0.0 Ok
> AECDH-AES256-SHA Anon 250 2.0.0 Ok
> AECDH-AES128-SHA Anon 250 2.0.0 Ok
> ADH-SEED-SHA Anon 250 2.0.0 Ok
> ADH-DES-CBC3-SHA Anon 250 2.0.0 Ok
> ADH-CAMELLIA256-SHA Anon 250 2.0.0 Ok
> ADH-CAMELLIA128-SHA Anon 250 2.0.0 Ok
> ADH-AES256-SHA256 Anon 250 2.0.0 Ok
> ADH-AES256-SHA Anon 250 2.0.0 Ok
> ADH-AES256-GCM-SHA384 Anon 250 2.0.0 Ok
> ADH-AES128-SHA256 Anon 250 2.0.0 Ok
> ADH-AES128-SHA Anon 250 2.0.0 Ok
> ADH-AES128-GCM-SHA256 Anon 250 2.0.0 Ok
> EXP-RC2-CBC-MD5 40 bits 250 2.0.0 Ok
> EXP-EDH-RSA-DES-CBC-SHA 40 bits 250 2.0.0 Ok
Is that really the *full* list of ciphers? Because then your config is
quite broken, and I'd like to debug this.
cm.
--
Christian Mock Wiedner Hauptstr. 15
Senior Security Engineer 1040 Wien
CoreTEC IT Security Solutions GmbH +43-1-5037273
FN 214709 z
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
CoreTEC: Web Application Audit - Damit so etwas nicht passiert!
http://heise.de/-1260559
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
More information about the Ach
mailing list