This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Talk:Testing for SSL-TLS (OWASP-CM-001)"
From OWASP
(New page: __TOC__ == Reference/Citation needed == We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".<br> ~~...) |
(New section: Testing with OpenSSL?) |
||
Line 4: | Line 4: | ||
We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".<br> | We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".<br> | ||
[[User:Rick.mitchell|Rick.mitchell]] 10:09, 3 September 2008 (EDT) | [[User:Rick.mitchell|Rick.mitchell]] 10:09, 3 September 2008 (EDT) | ||
+ | |||
+ | == Testing with OpenSSL? == | ||
+ | |||
+ | Vulnerability scanners are mentioned a number of times, determination as to whether LOW or NULL strength ciphers can be used can be accomplished via OpenSSL, for example: | ||
+ | <pre> | ||
+ | openssl s_client -connect www.google.com:443 -cipher NULL | ||
+ | openssl s_client -connect www.google.com:443 -cipher LOW | ||
+ | </pre><br> | ||
+ | [[User:Rick.mitchell|Rick.mitchell]] 12:38, 3 September 2008 (EDT) |
Revision as of 16:38, 3 September 2008
Reference/Citation needed
We should attach a reference or citation to the first part of the summary: "Due to historic export restrictions of high grade cryptography".
Rick.mitchell 10:09, 3 September 2008 (EDT)
Testing with OpenSSL?
Vulnerability scanners are mentioned a number of times, determination as to whether LOW or NULL strength ciphers can be used can be accomplished via OpenSSL, for example:
openssl s_client -connect www.google.com:443 -cipher NULL openssl s_client -connect www.google.com:443 -cipher LOW
Rick.mitchell 12:38, 3 September 2008 (EDT)