标签:
SSL(Secure Sockets Layer 安全套接层),及其继任者传输层安全(Transport Layer Security,TLS)是为
网络通信提供安全及数据完整性的一种安全协议。TLS与SSL在传输层对网络连接进行加密,而老旧的加密协议
可能会带来安全隐患,在freebuf上看到有人介绍过一款工具(sslciphercheck v1.4.2),拿来试试效果还不错。
sslciphercheck v1.4.2特性:
Features -------- - Console - Supports SSLv2 - Supports SSLv3 - Supports TLSv1 - Checks all SSL ciphers supported by OpenSSL - Retrieves the SSL certificate info including SGC - Performs a HTTP request to ensure that the protocol/algorithm connection is valid - Parses out the HTTP response header and displays to console e.g. HTTP/1.1 200 OK or HTTP/1.1 301 Moved Permanently etc - Can output each successful HTTP response to a file in the format: PROTOCOL_ALGORITHM_STRENGTH.html e.g. SSLv3_AES256-SHA_256.html (-t) - Can perform a keyword(s) match on the HTML response (-m) - Alerts for certificate issues such as expired, invalid cert chain, incorrect subject name etc - Colourised output to alert if weak ciphers are in use or SSLv2 supported - Colourised output to alert on certificate issues - Checks for SSL renegotiation issues
使用实例:
标签:
原文地址:http://www.cnblogs.com/tdcqma/p/5504676.html
