SSL certificates provide secure, encrypted communication between a website and a browser. Web servers need to protect some of the data exchanged with clients, typically passwords and forms that submit personal information such as bank details, and websites do this by encrypting that data with SSL certificates. When a URL begins with "https" rather than plain "http", the data to and from the end user is encrypted: it is scrambled while in transit, so nobody else on the path can read it, and it is decrypted only when the packet arrives at its destination. That is why we install SSL certificates on our websites: to secure the transaction between the client and the website through the SSL protocol. But, contrary to what most people think, installing an SSL certificate does not mean the website is fully secure. We also need to check whether the algorithm used to create the SSL certificate is strong or weak, and whether the installed certificate is configured properly. If the algorithm is weak or the SSL configuration is wrong, the certificate is installed but does nothing to prevent attacks on the website.
ESDS VTMScan Detection Technique
- In SSL scanning, we scan the website's SSL certificate, checking the authenticity of the certificate and whether the algorithm used is weak or strong.
- Using an Nmap script, we check for the SSL POODLE vulnerability.
- We also check for other SSL attacks such as Heartbleed, CCS injection, Logjam, TLS fallback, DROWN, CRIME and FREAK.
- We check whether the domain uses an invalid security certificate.
- We check whether the domain uses an expired security certificate.
- We check whether the domain uses a security certificate which expires today (EOD, end of day).
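As an added example (not VTMScan's own code), the last three checks in the list, invalid, expired and expires-today certificates, can be written in Python against the dictionary that the standard library's ssl.SSLSocket.getpeercert() returns. The sample certificate dictionary, its host names, issuer and dates are constructed for this example; fetch_peer_cert is a hypothetical helper showing how the same checks would be fed from a live host, and is not run here.

```python
import socket
import ssl
from datetime import datetime, timezone

# Constructed sample in the dict layout returned by ssl.SSLSocket.getpeercert();
# the names, dates and issuer are made up for this example.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.test"),),),
    "issuer": ((("commonName", "Example Test CA"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jun 15 23:59:59 2024 GMT",
    "subjectAltName": (("DNS", "www.example.test"), ("DNS", "*.example.test")),
}


def utc_datetime(iso_day):
    """Turn an ISO date such as '2024-06-15' into an aware UTC datetime (midnight)."""
    return datetime.fromisoformat(iso_day).replace(tzinfo=timezone.utc)


def _cert_time(value):
    """Parse a getpeercert() notBefore/notAfter string into an aware UTC datetime."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(value), timezone.utc)


def validity_status(cert, now=None):
    """Classify the validity window: not_yet_valid, expired, expires_today or valid.
    'expires_today' means notAfter falls on the current UTC calendar day (end of day)."""
    now = now or datetime.now(timezone.utc)
    not_before, not_after = _cert_time(cert["notBefore"]), _cert_time(cert["notAfter"])
    if now < not_before:
        return "not_yet_valid"
    if now > not_after:
        return "expired"
    if now.date() == not_after.date():
        return "expires_today"
    return "valid"


def _dns_name_matches(pattern, hostname):
    """Match one DNS name from the certificate against a hostname.
    A leading '*.' covers exactly one label, so '*.example.test' does not match
    'a.b.example.test' or the bare 'example.test'."""
    pattern, hostname = pattern.lower(), hostname.lower()
    if pattern.startswith("*."):
        suffix = pattern[1:]                      # ".example.test"
        prefix = hostname[: -len(suffix)] if hostname.endswith(suffix) else None
        return bool(prefix) and "." not in prefix
    return pattern == hostname


def hostname_matches(cert, hostname):
    """True if the certificate was issued for hostname (SAN first, CN only as legacy fallback)."""
    dns_names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if dns_names:
        return any(_dns_name_matches(n, hostname) for n in dns_names)
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return _dns_name_matches(value, hostname)
    return False


def scan_cert(cert, hostname, now=None):
    """Return the list of findings (empty when the certificate passes every check)."""
    findings = []
    status = validity_status(cert, now)
    if status != "valid":
        findings.append(status)
    if not hostname_matches(cert, hostname):
        findings.append("hostname_mismatch")
    return findings


def fetch_peer_cert(hostname, port=443, timeout=5.0):
    """Hypothetical helper: fetch a live server's leaf certificate with chain verification on.
    Returns (cert_dict, None) on success, or (None, reason) when the handshake fails because
    the chain does not verify (self-signed, untrusted issuer, expired, ...)."""
    context = ssl.create_default_context()
    try:
        with socket.create_connection((hostname, port), timeout=timeout) as sock:
            with context.wrap_socket(sock, server_hostname=hostname) as tls:
                return tls.getpeercert(), None
    except ssl.SSLCertVerificationError as exc:
        return None, f"invalid certificate: {exc.verify_message}"
    except (OSError, ssl.SSLError) as exc:
        return None, f"connection or handshake failure: {exc}"


if __name__ == "__main__":
    # Offline demonstration against the constructed sample on three different days.
    for day in ("2024-03-01", "2024-06-15", "2024-07-01"):
        print(day, scan_cert(SAMPLE_CERT, "api.example.test", utc_datetime(day)) or ["ok"])
```

One caveat when feeding this from a live host: with the default verifying context, an expired or untrusted certificate fails the handshake before getpeercert() returns anything, so fetch_peer_cert reports it as invalid rather than handing back the fields. To read the dates and names of a certificate that does not verify, the scanner has to retrieve it with verification disabled and decode the DER form itself; getpeercert() returns an empty dict in that mode.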