Why Us   |   Innovation   |   Subscribe  |   How to Buy   |   Tools   |    Support    |
 | GR | 
besecure.gr  >  Tools  >  SSL Audit Resources
SSL Scan
Enter Domain Name bellow to perform an online SSL assessment
The Secure Sockets Layer (SSL) protocol is a standard for encrypted network communication. Qualys SSL Labs assessment methodology, allows administrators to assess SSL server configuration confidently without the need to become SSL experts.
Download SSL Server Rating Guide

SSL Info

IP-Address or Domain-Name: Connect using port:

Shows information about the SSL-Certificate of a SSL-enabled server, checks the servers preferred SSL-handshake, the preferred cipher and cipherstrength and show then all supported ciphers. This service is primary targeted to HTTPS, but you can also check other SSL-enabled servers like POP3S (port:995) SSMTP (port:465) or even SSH.
Please be patient - a complete SSL-Check can take up to 2 minutes depending on the serverload and speed.

Latest SSL Based Attacks
The following SSL based attacks are assessed by the provided online SSL Scan tool.
SSL DOS Attack
October 2011. A group of hackers known as THC (The Hacker's Choice) released a DoS tool that works at the SSL/TLS layer. The tool is exploiting the fact that, when a new SSL connection is being negotiated, the server will typically spend significantly more CPU resources than the client. Thus, if you are requesting many new SSL connections per second, you may end up using all of the server's CPU.
SSL DOS Attack Remediation Actions
BEAST Attack
September 2011. The attack, dubbed BEAST by researchers, allows an adversary to decrypt parts of the encrypted data stream, potentially leading to session hijacking, information disclosure, and more.
Beast Attack Remediation Actions

Useful SSL Resources

TLS/SSL Hardening & Compatibility Report 2011
This report gives general recommendations as to how to configure SSL/TLS in order to provide state of the art authentication and encryption support

SSL PCI DSS Compliance Requirements
Avoid receiving a “NOT COMPLIANT” report as a result of failing the following two tests of PCI DSS:
- Deprecated SSL Protocol Usage
- Weak Supported SSL Ciphers Suites

Related Content
SSL Certificate Solutions
GeoTrust WebSite Anti Malware Scan
FREE Vulnerability Assessment Service
Compliance Gap Analysis Services
Security Auditing Solutions
Investigate an IP Address