Solved

Ways to assess https/ssl websites

Posted on 2016-11-02
3
126 Views
Last Modified: 2016-11-08
https://www.ssllabs.com/ssltest

I currently use the above to scan & assess (but without whitelisting).
Are there better ways/tools do assess a https/ssl site?  Some sites
simply cant connect using the above scanning url
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 12

Accepted Solution

by:
Kent W earned 250 total points
ID: 41870663
Can you explain more of what you mean by "can not connect using the above scanning URL"?
If there is something preventing SSL labs from connecting to your sites, this will probably hinder others.
There are other scanners, I'll only list those that check the security / validity of your cert. Some, for instance, are geared towards just checking for correct installation. These actually test SSL security factors.  (That being said, it's very hard to beat Qualys's SSL Labs.)
Others -
https://www.sslshopper.com/ssl-checker.html
https://www.htbridge.com/ssl/
0
 

Assisted Solution

by:sunhux
sunhux earned 0 total points
ID: 41871586
Then I should be looking at other aspects of the secure website like
what Pen Test scans do : Tcp timestamp, folders of the IIS is listable
etc
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 250 total points
ID: 41871664
SSL Labs testing makes a lot of requests to the site it is testing.  Some sites reject the requests at times on the basis that it is not a 'normal' method of requesting the site.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question