Solved

Ways to assess https/ssl websites

Posted on 2016-11-02
3
95 Views
Last Modified: 2016-11-08
https://www.ssllabs.com/ssltest

I currently use the above to scan & assess (but without whitelisting).
Are there better ways/tools do assess a https/ssl site?  Some sites
simply cant connect using the above scanning url
0
Comment
Question by:sunhux
3 Comments
 
LVL 12

Accepted Solution

by:
Kent W earned 250 total points
ID: 41870663
Can you explain more of what you mean by "can not connect using the above scanning URL"?
If there is something preventing SSL labs from connecting to your sites, this will probably hinder others.
There are other scanners, I'll only list those that check the security / validity of your cert. Some, for instance, are geared towards just checking for correct installation. These actually test SSL security factors.  (That being said, it's very hard to beat Qualys's SSL Labs.)
Others -
https://www.sslshopper.com/ssl-checker.html
https://www.htbridge.com/ssl/
0
 

Assisted Solution

by:sunhux
sunhux earned 0 total points
ID: 41871586
Then I should be looking at other aspects of the secure website like
what Pen Test scans do : Tcp timestamp, folders of the IIS is listable
etc
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 250 total points
ID: 41871664
SSL Labs testing makes a lot of requests to the site it is testing.  Some sites reject the requests at times on the basis that it is not a 'normal' method of requesting the site.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Penetration Testing home based work 3 74
Disable SSLv3.0/TLSv1.0 - Windows 2012R2 3 31
Internet Protocol Security question 3 70
Creating a Vendor Admin user 23 52
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question