How to use the command 'sslscan' (with examples)

sslscan is a command-line tool that connects to a server and enumerates the SSL/TLS protocol versions and cipher suites it accepts, along with the certificate it presents. The report makes it easy to spot obsolete protocols, weak or non-forward-secret ciphers and expiring certificates, which is why it is a standard first check for administrators, penetration testers and security analysts reviewing a TLS endpoint.

Use case 1: Test a server on port 443

Code:

sslscan example.com

Motivation:

Testing a server on its standard SSL/TLS port, port 443, is a fundamental task when evaluating the security of a web server. This default port is generally used for HTTPS traffic, and assessing it helps determine if the server supports outdated or vulnerable encryption protocols and ciphers. By doing so, system administrators and security professionals can ensure that the communication between the server and the clients is encrypted and secure from potential eavesdropping or man-in-the-middle attacks.

Explanation:

  • sslscan: Runs the tool with its defaults, which means port 443 and a full protocol and cipher enumeration.
  • example.com: The target, given as a hostname or an IP address. A hostname is resolved and is also sent as the TLS Server Name Indication (SNI), so a server that hosts several sites answers with the certificate and configuration for that name; scanning by bare IP address may instead show the server's default certificate.

Example Output:

Version: 1.11.11-static
OpenSSL 1.1.1  11 Sep 2018

Testing SSL server example.com on port 443

  Supported Server Cipher(s):
    Preferred TLSv1.2 128 bits AES128-SHA
    Accepted  TLSv1.2 128 bits AES128-SHA256
    Accepted  TLSv1.3 128 bits TLS_AES_128_GCM_SHA256

  Server Certificate:
    Subject:   example.com
    Issuer:    Trusted CA
    Validity:  From Dec 20 00:00:00 2022 GMT
               Until Dec 19 23:59:59 2023 GMT

Use case 2: Test a specified port

Code:

sslscan example.com:465

Motivation:

Many servers run SSL/TLS services on non-standard ports, especially for services other than HTTPS, such as email (SMTP over SSL, typically on port 465). By specifying a port, sslscan can evaluate these services to ensure they are securely configured. This is crucial for enterprises and service providers that manage various network services requiring encryption.

Explanation:

  • sslscan: Runs the tool as in the previous example; only the target changes.
  • example.com:465: The target host and port separated by a colon; any port may be given. Port 465 carries SMTP over implicit TLS, so the handshake starts as soon as the connection opens and a plain scan works. Services that start in cleartext and upgrade with STARTTLS (SMTP on 25 or 587, IMAP on 143, POP3 on 110) need the matching switch instead, for example sslscan --starttls-smtp example.com:587; without it no TLS handshake ever happens and the scan finds nothing.

Example Output:

Version: 1.11.11-static
OpenSSL 1.1.1  11 Sep 2018

Testing SSL server example.com on port 465

  Supported Server Cipher(s):
    Preferred TLSv1.2 256 bits AES256-SHA
    Accepted  TLSv1.2 128 bits AES128-SHA
    Accepted  TLSv1.3 256 bits TLS_CHACHA20_POLY1305_SHA256

  Server Certificate:
    Subject:   mail.example.com
    Issuer:    Trusted CA
    Validity:  From Mar 1 00:00:00 2023 GMT
               Until Feb 28 23:59:59 2024 GMT
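The cipher lists in the two scans above are the part of the report that needs interpretation. The script below is an added example, not part of sslscan or of this page's original text: it takes a saved sslscan text report and flags the suites a reviewer would object to (legacy protocol versions, RC4/DES/NULL/export/anonymous suites, keys under 128 bits, and TLS 1.2 suites without forward secrecy). The report it parses is constructed inline to resemble the "Supported Server Cipher(s)" lines; with a real target you would feed it the output of sslscan --no-colour example.com:465.

```shell
#!/bin/sh
# Added example (not part of sslscan): triage a saved sslscan text report for
# weak protocol versions and cipher suites. The report below is constructed to
# mimic the "Supported Server Cipher(s)" lines; a real one comes from e.g.
#   sslscan --no-colour example.com:465 > scan.txt

SAMPLE_SCAN='Testing SSL server example.com on port 465

  Supported Server Cipher(s):
    Preferred TLSv1.3 128 bits TLS_AES_128_GCM_SHA256
    Accepted  TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384
    Accepted  TLSv1.2 128 bits AES128-SHA
    Accepted  TLSv1.0 128 bits RC4-SHA
    Accepted  SSLv3   56 bits  DES-CBC-SHA
'

# weak_ciphers REPORT
# Prints one line per flagged suite: "<proto> <suite> [<reasons>]".
# Flags: legacy protocol (SSLv2/3, TLS 1.0/1.1), broken primitives
# (RC4, DES/3DES, NULL, EXPORT, MD5, anonymous DH), keys under 128 bits,
# and TLS <= 1.2 suites without forward secrecy (no ECDHE/DHE exchange).
weak_ciphers() {
    printf '%s\n' "$1" | awk '
        $1 == "Preferred" || $1 == "Accepted" {
            proto = $2; bits = $3 + 0; name = $5; why = ""
            if (proto == "SSLv2" || proto == "SSLv3" || proto == "TLSv1.0" || proto == "TLSv1.1")
                why = why "legacy-protocol "
            if (name ~ /RC4|DES|NULL|EXP|MD5|^(ADH|AECDH)-/)
                why = why "broken-cipher "
            if (bits < 128)
                why = why "short-key "
            if (proto != "TLSv1.3" && name !~ /^(ECDHE|DHE)-/)
                why = why "no-forward-secrecy "
            if (why != "")
                printf "%s %s [%s]\n", proto, name, substr(why, 1, length(why) - 1)
        }'
}

# weak_cipher_count REPORT: number of flagged suites (0 means the scan is clean).
weak_cipher_count() {
    weak_ciphers "$1" | wc -l | tr -d " "
}

weak_ciphers "$SAMPLE_SCAN"
echo "flagged suites: $(weak_cipher_count "$SAMPLE_SCAN")"
```

On the constructed report the TLS 1.3 suite and the ECDHE-RSA AES-GCM suite pass, AES128-SHA is flagged only for lacking forward secrecy, and the RC4 and DES suites are flagged on several counts. The forward-secrecy test relies on the OpenSSL naming convention that TLS 1.2 suites with an ephemeral exchange start with ECDHE- or DHE-, while TLS 1.3 suites always use an ephemeral exchange.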

Use case 3: Show certificate information

Code:

sslscan --show-certificate example.com

Motivation:

Understanding the details of a server's SSL/TLS certificate is essential for verifying the authenticity and trustworthiness of a service. Displaying the certificate lets you confirm that it was issued by the Certificate Authority (CA) you expect, check the validity period, and verify that the subject or a subject alternative name matches the hostname clients actually connect to. This is an important step in avoiding outages from expired certificates and trust errors in client connections.

Explanation:

  • sslscan --show-certificate: Runs sslscan with its --show-certificate option, which prints the full certificate details rather than the short summary (subject, issuer, validity) that a plain scan shows. The rest of the scan (protocols and ciphers) still runs.
  • example.com: The domain whose certificate is to be reviewed. Because the hostname is sent as the SNI name, the certificate shown is the one clients connecting to that name would receive; a valid-looking certificate for a different name is still a misconfiguration.

Example Output:

Testing SSL server example.com on port 443

  Server Certificate Information:
    Subject:   example.com
    Issuer:    Secure CA
    Serial:    09:87:65:43:21:FF:EE:DD:CC:BB:AA
    Validity:  From Jan 15 00:00:00 2023 GMT
               Until Jan 14 23:59:59 2024 GMT
    Public Key:  2048 bit RSA
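The validity lines are the field most often acted on, and reading them by eye does not scale. The script below is an added example, not part of sslscan or of this page's original text: it extracts the expiry date from an sslscan report and reports the days remaining against a reference date you pass in, so the check is deterministic and runs offline. The report it parses is constructed inline in the simplified layout shown above ("Until ..."); real sslscan output labels the same line "Not valid after:", and the parser accepts both. The date arithmetic is done in awk with the days-from-civil formula so that no GNU date extensions are required.

```shell
#!/bin/sh
# Added example (not part of sslscan): read the certificate expiry date out of
# an sslscan report and report days remaining against a reference date.
# SAMPLE_CERT is constructed in the simplified layout used on this page;
# real sslscan output labels the expiry line "Not valid after:".

SAMPLE_CERT='Testing SSL server example.com on port 443

  Server Certificate Information:
    Subject:   example.com
    Issuer:    Secure CA
    Validity:  From Jan 15 00:00:00 2023 GMT
               Until Jan 14 23:59:59 2024 GMT
    Public Key:  2048 bit RSA
'

# cert_days_left REPORT YYYY-MM-DD
# Prints the number of days from the reference date to the expiry date
# (negative once expired); prints nothing if no expiry line is found.
cert_days_left() {
    printf '%s\n' "$1" | awk -v today="$2" '
        # Days since 1970-01-01 for a proleptic Gregorian date (Hinnant).
        function days_from_civil(y, m, d,    era, yoe, doy, doe) {
            if (m <= 2) y--
            era = int(y / 400)
            yoe = y - era * 400
            doy = int((153 * (m > 2 ? m - 3 : m + 9) + 2) / 5) + d - 1
            doe = yoe * 365 + int(yoe / 4) - int(yoe / 100) + doy
            return era * 146097 + doe - 719468
        }
        /Not valid after:|Until / {
            # Trailing fields: <Mon> <day> <hh:mm:ss> <year> GMT
            mon = $(NF - 4); day = $(NF - 3) + 0; year = $(NF - 1) + 0
            m = (index("JanFebMarAprMayJunJulAugSepOctNovDec", mon) + 2) / 3
            expiry = days_from_civil(year, m, day)
            split(today, t, "-")
            now = days_from_civil(t[1] + 0, t[2] + 0, t[3] + 0)
            print expiry - now
            exit
        }'
}

# cert_status REPORT YYYY-MM-DD [WARN_DAYS]
# Exit 0 when the certificate is fine, 1 when it expires within WARN_DAYS
# (default 30), 2 when it is already expired, 3 when no expiry was found.
cert_status() {
    left=$(cert_days_left "$1" "$2")
    warn=${3:-30}
    if [ -z "$left" ]; then
        echo "no expiry date found in report"; return 3
    elif [ "$left" -lt 0 ]; then
        echo "EXPIRED $((0 - left)) days ago"; return 2
    elif [ "$left" -lt "$warn" ]; then
        echo "EXPIRING in $left days"; return 1
    fi
    echo "OK, $left days left"; return 0
}

# Reference date is passed explicitly; use "$(date -u +%F)" for today.
cert_status "$SAMPLE_CERT" 2023-12-01
```

Against the reference date 2023-12-01 the sample certificate has 44 days left and passes with the default 30-day warning threshold; with a 60-day threshold it is reported as expiring, and on 2024-02-01 it is reported as expired 18 days earlier. The exit codes make the function usable directly in a cron job or CI step that scans production endpoints.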

Conclusion:

The sslscan command gives a quick, scriptable view of a server's TLS configuration: which protocol versions and cipher suites it accepts, and which certificate it presents. Used against the default HTTPS port, against mail and other non-HTTP services, and with --show-certificate for certificate review, it lets administrators and security professionals find obsolete protocols, weak ciphers and expiring certificates before clients or attackers do.
