sslscan: Audit the SSL\TLS configuration of your web server

sslscan is a command line tool that gathers information about the SSL/TLS configuration of your web services which allows you to identify potential security issues.

Installation

Installing sslscan on mainstream Linux systems is very easy using package managers.

On deb-based systems like Ubuntu or Debian, enter the following to install sslscan:

sudo apt-get update 
sudo apt-get install sslscan

On rpm-based systems like CentOS or RHEL, enter the following to install sslscan (the package lives in the EPEL repository, so that is enabled first):

sudo yum install epel-release 
sudo yum install sslscan

Usage

By default sslscan tests port 443 of a server:

sslscan example.com

Running this will throw a lot of output on the screen, but knowing the following helps you identify what matters in terms of security.

Output is color-coded to indicate security issues:

  • Red background: null cipher (no encryption)
  • Red: cipher ≤ 40-bit, broken protocol (SSLv2 or SSLv3) or broken certificate signing algorithm (MD5)
  • Yellow: weak cipher (≤ 56-bit or RC4) or weak certificate signing algorithm (SHA-1)
  • Purple: anonymous cipher (ADH or AECDH), which encrypts but does not authenticate the server

You can see more options in the man page: https://manpages.debian.org/testing/sslscan/sslscan.1.en.html

Saving output to xml

One nice feature is the ability to save the output to XML, which makes the results easy to process later:

sslscan --xml=example.com.xml example.com

Making sslscan work in parallel

To perform parallel scans of several sites, first create a file named sites.txt and add the sites you want to scan, one per line:

example.com 
example1.com 
... 
example10.com

Now, using xargs, we can do the following trick to scan in parallel and create one XML file per site:

cat sites.txt| xargs -P$(cat sites.txt | wc -l) -I{} sslscan --xml={}.xml {} >/dev/null

How it works

  • cat pipes the file into xargs, one site per line
  • xargs runs sslscan once for each site
  • -I{} substitutes each site name into both the --xml file name and the target, so example.com is scanned into example.com.xml
  • -P$(cat sites.txt | wc -l) runs sslscan in parallel; the number of parallel processes equals the number of lines in sites.txt, so every site is scanned at once
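Once the per-site XML files from the parallel scan exist, the same colour rules from the legend above can be applied programmatically. The following is an added example (my own code, not part of sslscan or this post) that parses one report and lists the weak protocols, ciphers and certificate signature algorithms it contains; the element and attribute names are assumed from sslscan 2.x XML output, and the sample report is constructed, so compare it with one of your own files before relying on it.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like a `sslscan --xml=` report (element/attribute names assumed from sslscan 2.x).
SAMPLE_XML = """<document title="SSLScan Results" version="2.0.15">
 <ssltest host="example.com" port="443">
  <protocol type="ssl" version="3" enabled="1"/>
  <protocol type="tls" version="1.2" enabled="1"/>
  <cipher status="accepted" sslversion="SSLv3" bits="40" cipher="EXP-RC4-MD5"/>
  <cipher status="accepted" sslversion="TLSv1.2" bits="128" cipher="RC4-SHA"/>
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="ADH-AES256-SHA"/>
  <certificate><signature-algorithm>sha1WithRSAEncryption</signature-algorithm></certificate>
 </ssltest>
</document>"""

def classify_cipher(name, bits):
    """Apply the colour legend from sslscan's terminal output to one accepted cipher."""
    upper = name.upper()
    if bits == 0 or "NULL" in upper:
        return "critical: null cipher (no encryption)"
    if bits <= 40:
        return "high: cipher <= 40-bit"
    if upper.startswith(("ADH", "AECDH")):
        return "high: anonymous cipher (no server authentication)"
    if bits <= 56 or "RC4" in upper:
        return "medium: weak cipher (<= 56-bit or RC4)"
    return None  # nothing in the legend flags this cipher

def audit(xml_text):
    """Return (host, finding) tuples for every weak setting in an sslscan XML report."""
    findings = []
    for test in ET.fromstring(xml_text).iter("ssltest"):
        host = test.get("host")
        for proto in test.findall("protocol"):  # SSLv2/SSLv3 still enabled
            if proto.get("type") == "ssl" and proto.get("enabled") == "1":
                findings.append((host, "high: broken protocol SSLv%s enabled" % proto.get("version")))
        for c in test.findall("cipher"):  # accepted ciphers only; rejected ones are noise
            verdict = classify_cipher(c.get("cipher", ""), int(c.get("bits", "0")))
            if verdict and c.get("status") == "accepted":
                findings.append((host, "%s (%s %s)" % (verdict, c.get("sslversion"), c.get("cipher"))))
        for sig in test.iter("signature-algorithm"):  # certificate signature algorithm
            alg = (sig.text or "").lower()
            for weak, severity in (("md5", "high"), ("sha1", "medium")):
                if alg.startswith(weak):
                    findings.append((host, "%s: certificate signed with %s" % (severity, weak.upper())))
    return findings

if __name__ == "__main__":
    for host, finding in audit(SAMPLE_XML):
        print(host, finding)
```

To run it over the files produced by the xargs command, read each sites-name.xml file and pass its contents to audit().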

Conclusion

Auditing your SSL/TLS configuration is important, and sslscan is a tool that helps you accomplish it. Combined with xargs for parallel scans and the ability to save output as XML, it can form a powerful auditing solution!