Nice. Thanks for pointing this out. Huge help. Here's the output. The red/warning output lines that might be related to the issue are bolded.
~/AppImages/testssl.sh-2.9 $ ./testssl.sh $IP of iDRAC6$
###########################################################
testssl.sh 3.0beta from https://testssl.sh/dev/
This program is free software. Distribution and
modification under GPLv2 permitted.
USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
Please file bugs @ https://testssl.sh/bugs/
###########################################################
Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
on mybox:./bin/openssl.Linux.x86_64
(built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
Start 2018-05-16 10:27:09 -->> $IP of iDRAC6$:443 ($IP of iDRAC6$) <<--
rDNS ($IP of iDRAC6$): --
Service detected: HTTP
Testing protocols via sockets except NPN+ALPN
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 offered
TLS 1.1 offered
TLS 1.2 offered (OK)
TLS 1.3 not offered
NPN/SPDY not offered
ALPN/HTTP2 not offered
Testing cipher categories
NULL ciphers (no encryption) not offered (OK)
Anonymous NULL Ciphers (no authentication) not offered (OK)
Export ciphers (w/o ADH+NULL) not offered (OK)
LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
* Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) offered (NOT ok)*
Triple DES Ciphers (Medium) offered
High encryption (AES+Camellia, no AEAD) offered (OK)
Strong encryption (AEAD ciphers) offered (OK)
Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
PFS is offered (OK) DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA
Testing server preferences
* Has server cipher order? nope (NOT ok)*
Negotiated protocol TLSv1.2
Negotiated cipher DHE-RSA-AES256-GCM-SHA384, 1024 bit DH (limited sense as client will pick)
Negotiated cipher per proto (limited sense as client will pick)
DHE-RSA-AES256-SHA: TLSv1, TLSv1.1
DHE-RSA-AES256-GCM-SHA384: TLSv1.2
No further cipher order check has been done as order is determined by the client
Testing server defaults (Server Hello)
TLS extensions (standard) "renegotiation info/#65281" "session ticket/#35" "heartbeat/#15"
Session Ticket RFC 5077 hint 300 seconds, session tickets keys seems to be rotated < daily
SSL Session ID support yes
Session Resumption Tickets: yes, ID: yes
TLS clock skew Random values, no fingerprinting possible
* Signature Algorithm MD5*
Server key size RSA 1024 bits
Server key usage --
Server extended key usage --
Serial / Fingerprints 00 / SHA1 506877E5570CAEB0DB4D201C8B5D86C3E46D8DEC
SHA256 D9686B5136FAE940E9224A072AE455B8E3CA601E2180DA6A5D9FF0FB1AC784BB
Common Name (CN) iDRAC6 default certificate
subjectAltName (SAN) missing (NOT ok) -- Browsers are complaining
Issuer self-signed (NOT ok)
Trust (hostname) certificate does not match supplied URI
Chain of trust NOT ok (self signed)
EV cert (experimental) no
Certificate Validity (UTC) 232 >= 60 days (2009-01-05 09:43 --> 2019-01-03 09:43)
# of certificates provided 1
Certificate Revocation List --
OCSP URI --
NOT ok -- neither CRL nor OCSP URI provided
OCSP stapling not offered
OCSP must staple extension --
DNS CAA RR (experimental) not offered
Certificate Transparency --
Testing HTTP header response @ "/"
HTTP Status Code 302 Moved Temporarily, redirecting to "https://$IP of iDRAC6$/start.html"
HTTP clock skew -14432 sec from localtime
Strict Transport Security not offered
Public Key Pinning --
Server banner Mbedthis-Appweb/2.4.2
Application banner --
Cookie(s) (none issued at "/") -- maybe better try target URL of 30x
Security headers --
Reverse Proxy banner --
Testing vulnerabilities
Heartbleed (CVE-2014-0160) not vulnerable (OK), timed out
CCS (CVE-2014-0224) not vulnerable (OK)
Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)
ROBOT not vulnerable (OK)
Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
Secure Client-Initiated Renegotiation VULNERABLE (NOT ok), DoS threat
CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
BREACH (CVE-2013-3587) no HTTP compression (OK) - only supplied "/" tested
POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
SWEET32 (CVE-2016-2183, CVE-2016-6329) VULNERABLE, uses 64 bit block ciphers
FREAK (CVE-2015-0204) not vulnerable (OK)
DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
make sure you don't use this certificate elsewhere with SSLv2 enabled services
https://censys.io/ipv4?q=D9686B5136FAE940E9224A072AE455B8E3CA601E2180DA6A5D9FF0FB1AC784BB could help you to find out
LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no common primes detected
BEAST (CVE-2011-3389) TLS1: DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AES256-SHA CAMELLIA256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA AES128-SHA SEED-SHA CAMELLIA128-SHA IDEA-CBC-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA
VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
-------------------------------------------------------------------------------------------------------------------------
x9f DHE-RSA-AES256-GCM-SHA384 DH 1024 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
x6b DHE-RSA-AES256-SHA256 DH 1024 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
x39 DHE-RSA-AES256-SHA DH 1024 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
x88 DHE-RSA-CAMELLIA256-SHA DH 1024 Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
x84 CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
x9e DHE-RSA-AES128-GCM-SHA256 DH 1024 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
x67 DHE-RSA-AES128-SHA256 DH 1024 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
x33 DHE-RSA-AES128-SHA DH 1024 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
x9a DHE-RSA-SEED-SHA DH 1024 SEED 128 TLS_DHE_RSA_WITH_SEED_CBC_SHA
x45 DHE-RSA-CAMELLIA128-SHA DH 1024 Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
x96 SEED-SHA RSA SEED 128 TLS_RSA_WITH_SEED_CBC_SHA
x41 CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
x07 IDEA-CBC-SHA RSA IDEA 128 TLS_RSA_WITH_IDEA_CBC_SHA
x16 EDH-RSA-DES-CBC3-SHA DH 1024 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
Running client simulations via sockets
Android 4.2.2 TLSv1.0 DHE-RSA-AES256-SHA, 1024 bit DH
Android 4.4.2 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit DH
Android 5.0.0 TLSv1.2 DHE-RSA-AES256-SHA, 1024 bit DH
Android 6.0 TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 1024 bit DH
Android 7.0 TLSv1.2 AES128-GCM-SHA256
Chrome 57 Win 7 TLSv1.2 AES128-GCM-SHA256
Chrome 65 Win 7 TLSv1.2 AES128-GCM-SHA256
Firefox 53 Win 7 TLSv1.2 DHE-RSA-AES128-SHA, 1024 bit DH
Firefox 59 Win 7 TLSv1.2 AES128-SHA
IE 6 XP No connection
IE 7 Vista TLSv1.0 AES128-SHA
IE 8 Win 7 TLSv1.0 AES128-SHA
IE 8 XP TLSv1.0 DES-CBC3-SHA
IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit DH
IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit DH
IE 11 Win Phone 8.1 TLSv1.2 AES128-SHA256
IE 11 Win 10 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit DH
Edge 13 Win 10 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit DH
Edge 13 Win Phone 10 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit DH
Edge 15 Win 10 TLSv1.2 AES256-GCM-SHA384
Opera 17 Win 7 TLSv1.2 DHE-RSA-AES256-SHA, 1024 bit DH
Safari 9 iOS 9 TLSv1.2 AES256-GCM-SHA384
Safari 9 OS X 10.11 TLSv1.2 AES256-GCM-SHA384
Safari 10 OS X 10.12 TLSv1.2 AES256-GCM-SHA384
Apple ATS 9 iOS 9 No connection
Tor 17.0.9 Win 7 TLSv1.0 DHE-RSA-CAMELLIA256-SHA, 1024 bit DH
Java 6u45 TLSv1.0 AES128-SHA
Java 7u25 TLSv1.0 AES128-SHA
Java 8u161 TLSv1.2 AES256-SHA256
Java 9.0.4 TLSv1.2 AES256-GCM-SHA384
OpenSSL 1.0.1l TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit DH
OpenSSL 1.0.2e TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 1024 bit DH
Done 2018-05-16 10:31:04 [ 237s] -->> $IP of iDRAC6$:443 ($IP of iDRAC6$) <<--
On Wed, May 16, 2018 at 4:35 AM, Sebastien KOECHLIN <[email protected]>
wrote:
> On Thu, May 10, 2018 at 12:09:22PM -0400, R S wrote:
> > Nah, the SSL/TLS backend in the iDRAC6 most likely needs to be updated and
> > that will fix it (see other email thread from Mr. S. Smoogen). Instead we
> > are insecuring our Java clients to make it work with insecure iDRAC6.
> > If it were possible, I'd get a kick out of the results on SSLLabs. It
> > seems they are still relying on MD5 and 1024 keys!
>
> You can download a script from https://testssl.sh/. It runs on any Linux and
> uses openssl to test many ciphers and protocol versions. It produces a very
> complete analysis and a client compatibility matrix.
>
> --
> Seb, autocuiseur
>
> _______________________________________________
> Linux-PowerEdge mailing list
> [email protected]
> https://lists.us.dell.com/mailman/listinfo/linux-poweredge
>
--
Tech III * AppControl * Endpoint Protection * Server Maintenance
Buncombe County Schools Technology Department Network Group
ComicSans Awareness Campaign <http://comicsanscriminal.com>