trojan81
asked on
tool like openssl for windows
Hi experts,
I am a network engineer and don't normally deal with coding or IT forensics.
What I am looking to do is see the type of response from our SSL sites when it receives an SSLV2 requests.
I've read that openssl does the trick but I don't think it installs on Windows (correct me if I am wrong). What other tools are available for this?
I am a network engineer and don't normally deal with coding or IT forensics.
What I am looking to do is see the type of response from our SSL sites when it receives an SSLV2 requests.
I've read that openssl does the trick but I don't think it installs on Windows (correct me if I am wrong). What other tools are available for this?
Last Comment
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Windows binaries for openssl:
http://www.openssl.org/related/binaries.html
Hope this helps.
All that has is the link I already provided.
ASKER
Thank you. i was able to load openssl on my Windows 64-bit computer.
I went into DOS and typed in c:\openssl-win64\bin\opens
Now I get an OPENSSL prompt.
I will diable sslv3 and only allow sslv2 on my browser. I want to then go to www.chase.com and see how it responds.
Can someone provide a same syntax for accomplishing this? Chase IP is 159.53.60.115
I went into DOS and typed in c:\openssl-win64\bin\opens
Now I get an OPENSSL prompt.
I will diable sslv3 and only allow sslv2 on my browser. I want to then go to www.chase.com and see how it responds.
Can someone provide a same syntax for accomplishing this? Chase IP is 159.53.60.115
ASKER
I don't see a syntax for S-client.
OpenSSL> s-client ?
openssl:Error: 's-client' is an invalid command.
OpenSSL> openssl s_client ?
openssl:Error: 'openssl' is an invalid command.
OpenSSL> s-client ?
openssl:Error: 's-client' is an invalid command.
OpenSSL> openssl s_client ?
openssl:Error: 'openssl' is an invalid command.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Run that and if you see the certificate, you *should* be good.
I should have clarified. If you see the certificate, then SSLv2 is enabled. Not sure what you are trying to accomplish, but disabling SSLv2 and weak ciphers are good things to do.
pod@box:~$ openssl s_client -connect chase.com:443 -ssl2
CONNECTED(00000003)
21740:error:1406D0CB:SSL routines:GET_SERVER_HELLO:peer error no cipher:s2_pkt.c:675:
21740:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428:
ASKER
Papertrip, thank you.
I was looking to verify that ssl2 was turned off on my site. Since I didn't see the cert when I ran that command I assume it is turned off.
I was looking to verify that ssl2 was turned off on my site. Since I didn't see the cert when I ran that command I assume it is turned off.
Microsoft IIS Web Server
IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.
36K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
Why not just fire up a Unix-based VM? Ubuntu is nice and friendly to those who are used to Windows, then you can just use "openssl s_client" combined with whatever special options you need for your testing. This approach realistically shouldn't take long at all these days, it's a pretty common practice.