Hola!
Muy buenas a todos/as!
Cada vez mas es mas importante la seguridad en nuestra página web de SSL, no solo por presencia y seguridad sino por aportar un grado extra a los clientes y que sepan qu están seguros sus datos viajando por tu página web.
Con esta herramienta podremos comprobar la seguridad de nuestra configuración SSL.
La herramienta está disponible en Code Google aquí.
- Comprobando la renegociación SSL:
El que un servidor permite renegociar la sesión es un problema muy grave si no se controla, el que no hayan medidas preventivas como aceleradores SSL o que sólo se pueda renegociar una serie de veces puede acarrear que el servidor sufra una denegación de servicio.
Podemos comprobar si el servidor soporta renegociación:
REGISTERING AVAILABLE PLUGINS —————————–PluginOpenSSLCipherSuites – OK PluginSessionResumption – OK PluginCertInfo – OK PluginEmpty – OK PluginSessionRenegotiation – OKCHECKING HOST(S) AVAILABILITY —————————–example.com:443 => example.com:443SCAN RESULTS FOR example.com:443 – example.com:443 ——————————————————–* Session Renegotiation :Client-initiated Renegotiations: RejectedSecure Renegotiation: SupportedSCAN COMPLETED IN 0.61 S ————————
Podemos ver en este caso que el servidor soporta renegociación, es susceptible a sufrir un ataque de denegación de servicio
Otra de las comprobaciones que podemos hacer es hacer un resumen de los diferentes “niveles de ssl”
REGISTERING AVAILABLE PLUGINS —————————–PluginOpenSSLCipherSuites – OK PluginSessionResumption – OK PluginCertInfo – OK PluginEmpty – OK PluginSessionRenegotiation – OKCHECKING HOST(S) AVAILABILITY —————————–example.com:443 => example.com:443SCAN RESULTS FOR example.com:443 – example.com:443 ——————————————————–* Session Resumption : Using TLSv1 Session IDs: Supported Using TLSv1 Session Tickets: Supported Using SSLv3 Session IDs: Error => SSL Handshake failed: Failed – SSL Bad decompressionSCAN COMPLETED IN 0.65 S ————————
Podemos ver que soporta renegociación con diferentes ssl.
En muchas ocasiones el servidor se encuentra detrás de un balanceador de carga que se encarga de balancear las peticiones web que hacen los usuarios. Con sslyze podemos detectar si el servidor puede encontrarse detrás de un balanceador:
REGISTERING AVAILABLE PLUGINS —————————–PluginOpenSSLCipherSuites – OK PluginSessionResumption – OK PluginCertInfo – OK PluginEmpty – OK PluginSessionRenegotiation – OKCHECKING HOST(S) AVAILABILITY —————————–example.com:443 => example.com:443SCAN RESULTS FOR example.com:443 – example.com:443 ——————————————————–* Session Resumption Rate : 0 resumptions successful out of 100 attempts. Errors were encountered.SCAN COMPLETED IN 5.10 S ————————
En este caso el servidor NO se encuenta detrás de un balanceador
- Obtener información aerca del certificado
Otra información útil que podemos obtener es información sobre el certificado, información básica
REGISTERING AVAILABLE PLUGINS —————————–PluginOpenSSLCipherSuites – OK PluginSessionResumption – OK PluginCertInfo – OK PluginEmpty – OK PluginSessionRenegotiation – OKCHECKING HOST(S) AVAILABILITY —————————–example.com:443 => example.com:443SCAN RESULTS FOR example.com:443 – example.com:443 ——————————————————–* Certificate : Validation w/ Mozilla’s CA Store: Certificate is NOT Trusted Subject CN: plesk Issuer: /C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Plesk/CN=plesk/emailAddress=info@plesk.com Serial Number: 4D75F9B5 Not before: Mar 8 09:41:09 2011 GMT Not after: Mar 7 09:41:09 2012 GMT Keysize: 2048 bits Signature Algorithm: sha1WithRSAEncryption Version: 1 (0×0) SHA1 Fingerprint: A61526A0E8FD6D1A1A028573376EA9BB7C9578C9 Number of Extensions: 0SCAN COMPLETED IN 0.67 S ————————
Aquí hay información básica sobre el certificado.
- Información completa sobre un certificado en concreto
REGISTERING AVAILABLE PLUGINS —————————–PluginOpenSSLCipherSuites – OK PluginSessionResumption – OK PluginCertInfo – OK PluginEmpty – OK PluginSessionRenegotiation – OKCHECKING HOST(S) AVAILABILITY —————————–example.com:443 => example.com:443SCAN RESULTS FOR example.com:443 – example.com:443 ——————————————————–* Certificate : Validation w/ Mozilla’s CA Store: Certificate is NOT Trusted Data: Version: 1 (0×0) Serial Number: 1299577269 (0x4d75f9b5) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, ST=Virginia, L=Herndon, O=Parallels, OU=Plesk, CN=plesk/emailAddress=info@plesk.com Validity Not Before: Mar 8 09:41:09 2011 GMT Not After : Mar 7 09:41:09 2012 GMT Subject: C=US, ST=Virginia, L=Herndon, O=Parallels, OU=Plesk, CN=plesk/emailAddress=info@plesk.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:ae:f7:6a:2f:de:db:17:bd:2b:4e:57:f5:d7:96: fb:50:b9:04:54:8b:1b:5e:61:fe:77:24:99:12:8f: cc:1d:49:91:e4:d3:a0:4b:46:0e:b4:80:e4:a7:dd: ed:13:1e:90:21:2b:cc:72:54:a8:f7:b3:e1:12:62: a7:e5:52:24:66:58:07:25:ab:a0:7d:1a:cc:6c:f5: dd:66:4c:aa:07:32:8b:6b:d4:51:eb:f7:93:2f:0a: e8:36:f3:8f:7c:b0:68:c7:21:46:65:87:4e:48:92: dd:31:c9:d2:81:5f:b2:c1:32:f4:1f:bf:4c:23:65: ad:5d:ff:d9:72:ea:a9:90:e7:14:ea:9a:39:b9:43: 21:cb:ea:37:74:dd:11:e0:c9:35:e2:50:c2:10:6c: 0d:76:58:b9:74:73:fb:c9:7f:e9:7d:5d:00:05:92: 1f:3a:8b:fd:ba:7d:e5:c0:1f:16:01:05:9d:88:a4: f1:b4:36:5b:cf:67:d3:86:ee:b7:d9:b5:6c:31:c0: a9:b3:4a:ba:eb:2b:d7:d4:54:bf:dc:87:2c:66:2c: 0b:85:ac:6d:4b:7c:e7:ee:04:ca:6c:1c:a1:e9:74: c7:b7:fa:38:44:bb:e0:f1:e8:4b:b6:e6:c1:e7:1e: 9d:06:92:88:55:c2:b0:bf:5b:99:34:db:cc:1b:bf: cb:35 Exponent: 65537 (0×10001) Signature Algorithm: sha1WithRSAEncryption 8b:f0:45:e6:93:ba:8f:75:51:4c:14:68:47:f6:d1:0c:3b:da: d9:c9:15:b2:c8:b2:b8:8f:09:35:69:c8:d4:72:cc:3d:6d:e3: ae:72:90:81:9d:39:8a:62:81:13:42:0a:3a:2f:8c:a6:d4:fb: 40:f1:44:8c:a4:ea:da:c4:a4:c5:ea:96:e2:4f:f8:7d:90:a3: fd:77:06:e7:92:e1:c3:ab:af:ff:48:b3:69:8f:1f:94:79:11: b1:98:ac:54:ea:94:e7:e8:7b:5f:6c:fc:d3:8e:69:84:4d:83: 31:ed:4f:b5:b2:0e:60:e9:00:56:29:f5:13:b1:ac:97:84:5c: 55:4c:e3:8b:2f:54:ad:94:39:05:1d:55:27:88:c8:65:be:91: 48:b6:df:09:d0:00:db:b1:cf:c5:8c:c6:23:11:1a:a1:7a:b8: e0:19:f1:96:b8:75:c3:80:60:93:8e:cd:57:18:fb:14:9d:11: 15:82:69:4d:08:5a:5d:14:18:28:a2:65:dc:8f:69:31:b0:11: f5:85:18:58:ee:ef:4c:ea:fa:0d:81:a4:e1:9f:bf:da:9d:0f: 0c:f6:41:ce:0b:41:79:2f:ac:a3:1f:88:87:fa:d0:40:10:26: 69:51:86:16:24:e2:ac:a8:ed:12:08:53:85:71:10:4d:19:d6: a4:25:48:e5SCAN COMPLETED IN 0.68 S ————————
Aparte de la información básica podemos obtener toda la información sobre el certificado
- Obtener información sobre el key size del certificado
REGISTERING AVAILABLE PLUGINS —————————–PluginOpenSSLCipherSuites – OK PluginSessionResumption – OK PluginCertInfo – OK PluginEmpty – OK PluginSessionRenegotiation – OKCHECKING HOST(S) AVAILABILITY —————————–example.com:443 => example.com:443SCAN RESULTS FOR example.com:443 – example.com:443 ——————————————————–* Certificate : Validation w/ Mozilla’s CA Store: Certificate is NOT Trusted Keysize: 2048 bitsSCAN COMPLETED IN 0.66 S ————————
Si solo queremos tener información acerca del tamaño del certificado podemos hacer esta consulta
- Obtener el CN del certificado
Si por el contrario sólo queremos obtenert el CN del certificado podemos hacer la consulta que nos devolverá:
REGISTERING AVAILABLE PLUGINS —————————–PluginOpenSSLCipherSuites – OK PluginSessionResumption – OK PluginCertInfo – OK PluginEmpty – OK PluginSessionRenegotiation – OKCHECKING HOST(S) AVAILABILITY —————————–example.com:443 => example.com:443SCAN RESULTS FOR example.com:443 – example.com:443 ——————————————————–* Certificate : Validation w/ Mozilla’s CA Store: Certificate is NOT Trusted Subject CN: pleskSCAN COMPLETED IN 0.91 S ————————
- Permitir negociar con un cifrado mas bajo
Un atacante podría hacer fuerza bruta con los civfrados mas bajo del servidor. Solo se debe permitir negociar con el cifrado mas fuerte
REGISTERING AVAILABLE PLUGINS —————————–PluginOpenSSLCipherSuites – OK PluginSessionResumption – OK PluginCertInfo – OK PluginEmpty – OK PluginSessionRenegotiation – OKCHECKING HOST(S) AVAILABILITY —————————–example.com:443 => example.com:443SCAN RESULTS FOR example.com:443 – example.com:443 ——————————————————–* TLSV1 Cipher Suites : Cipher Suite: SSL Handshake: HTTP GET: DHE-RSA-AES256-SHA 256bits Preferred 200 OK RC4-SHA 128bits Accepted 200 OK RC4-MD5 128bits Accepted 200 OK EXP-RC4-MD5 40bits Accepted 200 OK EXP-RC2-CBC-MD5 40bits Accepted 200 OK EXP-EDH-RSA-DES-CBC-SHA 40bits Accepted 200 OK EXP-DES-CBC-SHA 40bits Accepted 200 OK EDH-RSA-DES-CBC3-SHA 168bits Accepted 200 OK EDH-RSA-DES-CBC-SHA 56bits Accepted 200 OK DHE-RSA-AES128-SHA 128bits Accepted 200 OK DES-CBC3-SHA 168bits Accepted 200 OK DES-CBC-SHA 56bits Accepted 200 OK AES256-SHA 256bits Accepted 200 OK AES128-SHA 128bits Accepted 200 OK NULL-SHA Rejected – SSL Alert N/A NULL-MD5 Rejected – SSL Alert N/A EXP-EDH-DSS-DES-CBC-SHA Rejected – SSL Alert N/A EXP-ADH-RC4-MD5 Rejected – SSL Alert N/A EXP-ADH-DES-CBC-SHA Rejected – SSL Alert N/A EDH-DSS-DES-CBC3-SHA Rejected – SSL Alert N/A EDH-DSS-DES-CBC-SHA Rejected – SSL Alert N/A DHE-DSS-AES256-SHA Rejected – SSL Alert N/A DHE-DSS-AES128-SHA Rejected – SSL Alert N/A ADH-RC4-MD5 Rejected – SSL Alert N/A ADH-DES-CBC3-SHA Rejected – SSL Alert N/A ADH-DES-CBC-SHA Rejected – SSL Alert N/A ADH-AES256-SHA Rejected – SSL Alert N/A ADH-AES128-SHA Rejected – SSL Alert N/A* SSLV3 Cipher Suites : Cipher Suite: SSL Handshake: HTTP GET: DHE-RSA-AES256-SHA 256bits Preferred 200 OK RC4-SHA 128bits Accepted 200 OK RC4-MD5 128bits Accepted 200 OK EXP-RC4-MD5 40bits Accepted 200 OK EXP-RC2-CBC-MD5 40bits Accepted 200 OK EXP-EDH-RSA-DES-CBC-SHA 40bits Accepted 200 OK EXP-DES-CBC-SHA 40bits Accepted 200 OK EDH-RSA-DES-CBC3-SHA 168bits Accepted 200 OK EDH-RSA-DES-CBC-SHA 56bits Accepted 200 OK DHE-RSA-AES128-SHA 128bits Accepted 200 OK DES-CBC3-SHA 168bits Accepted 200 OK DES-CBC-SHA 56bits Accepted 200 OK AES256-SHA 256bits Accepted 200 OK AES128-SHA 128bits Accepted 200 OK NULL-SHA Rejected – SSL Alert N/A NULL-MD5 Rejected – SSL Alert N/A EXP-EDH-DSS-DES-CBC-SHA Rejected – SSL Alert N/A EXP-ADH-RC4-MD5 Rejected – SSL Alert N/A EXP-ADH-DES-CBC-SHA Rejected – SSL Alert N/A EDH-DSS-DES-CBC3-SHA Rejected – SSL Alert N/A EDH-DSS-DES-CBC-SHA Rejected – SSL Alert N/A DHE-DSS-AES256-SHA Rejected – SSL Alert N/A DHE-DSS-AES128-SHA Rejected – SSL Alert N/A ADH-RC4-MD5 Rejected – SSL Alert N/A ADH-DES-CBC3-SHA Rejected – SSL Alert N/A ADH-DES-CBC-SHA Rejected – SSL Alert N/A ADH-AES256-SHA Rejected – SSL Alert N/A ADH-AES128-SHA Rejected – SSL Alert N/A* SSLV2 Cipher Suites : Cipher Suite: SSL Handshake: HTTP GET: DES-CBC3-MD5 168bits Preferred 200 OK RC4-MD5 128bits Accepted 200 OK RC2-CBC-MD5 128bits Accepted 200 OK EXP-RC4-MD5 40bits Accepted 200 OK EXP-RC2-CBC-MD5 40bits Accepted 200 OK DES-CBC-MD5 56bits Accepted 200 OKSCAN COMPLETED IN 2.10 S ————————
En este caso podemos negociar cualquiera de los certificados
Ya tenéis otra herramienta para testear tu seguridad ssl.
Saludos cordiales