Browse Source

nearly-done

master
boB Rudis 5 years ago
parent
commit
cc27d05c00
No known key found for this signature in database GPG Key ID: 1D7529BE14E2BBA9
  1. 1062
      data/ssl/brieger.esalq.usp.br_p443-20190303-0827.json
  2. 3821
      data/ssl/cloud.r-project.org_p443-20190303-0729.json
  3. 1237
      data/ssl/cran-r.c3sl.ufpr.br_p443-20190303-0811.json
  4. 1027
      data/ssl/cran.asia_p443-20190303-0835.json
  5. 1125
      data/ssl/cran.biodisk.org_p443-20190303-0841.json
  6. 969
      data/ssl/cran.biotools.fr_p443-20190303-0837.json
  7. 1169
      data/ssl/cran.case.edu_p443-20190303-0846.json
  8. 1020
      data/ssl/cran.cnr.berkeley.edu_p443-20190303-0846.json
  9. 1223
      data/ssl/cran.csiro.au_p443-20190303-0743.json
  10. 1062
      data/ssl/cran.curtin.edu.au_p443-20190303-0759.json
  11. 957
      data/ssl/cran.dcc.uchile.cl_p443-20190303-0835.json
  12. 1146
      data/ssl/cran.fiocruz.br_p443-20190303-0817.json
  13. 1076
      data/ssl/cran.hafro.is_p443-20190303-0838.json
  14. 1067
      data/ssl/cran.ism.ac.jp_p443-20190303-0839.json
  15. 1148
      data/ssl/cran.itam.mx_p443-20190303-0841.json
  16. 1097
      data/ssl/cran.ma.imperial.ac.uk_p443-20190303-0846.json
  17. 1055
      data/ssl/cran.ms.unimelb.edu.au_p443-20190303-0753.json
  18. 985
      data/ssl/cran.mtu.edu_p443-20190303-0846.json
  19. 1027
      data/ssl/cran.ncc.metu.edu.tr_p443-20190303-0845.json
  20. 1048
      data/ssl/cran.pau.edu.tr_p443-20190303-0845.json
  21. 2003
      data/ssl/cran.rapporter.net_p443-20190303-0838.json
  22. 1148
      data/ssl/cran.rediris.es_p443-20190303-0843.json
  23. 999
      data/ssl/cran.revolutionanalytics.com_p443-20190303-0847.json
  24. 1088
      data/ssl/cran.seoul.go.kr_p443-20190303-0841.json
  25. 992
      data/ssl/cran.stat.auckland.ac.nz_p443-20190303-0841.json
  26. 1111
      data/ssl/cran.stat.nus.edu.sg_p443-20190303-0842.json
  27. 1188
      data/ssl/cran.stat.unipd.it_p443-20190303-0839.json
  28. 1083
      data/ssl/cran.stat.upd.edu.ph_p443-20190303-0842.json
  29. 1076
      data/ssl/cran.uib.no_p443-20190303-0842.json
  30. 1076
      data/ssl/cran.um.ac.ir_p443-20190303-0839.json
  31. 1188
      data/ssl/cran.uni-muenster.de_p443-20190303-0838.json
  32. 1020
      data/ssl/cran.univ-paris1.fr_p443-20190303-0837.json
  33. 1027
      data/ssl/cran.usthb.dz_p443-20190303-0733.json
  34. 1076
      data/ssl/cran.wu.ac.at_p443-20190303-0804.json
  35. 1120
      data/ssl/cran.yu.ac.kr_p443-20190303-0840.json
  36. 1048
      data/ssl/dirichlet.mat.puc.cl_p443-20190303-0835.json
  37. 1034
      data/ssl/espejito.fder.edu.uy_p443-20190303-0848.json
  38. 2615
      data/ssl/fourdots.com_p443-20190303-0842.json
  39. 2017
      data/ssl/ftp.acc.umu.se_p443-20190303-0843.json
  40. 1055
      data/ssl/ftp.cc.uoc.gr_p443-20190303-0838.json
  41. 1075
      data/ssl/ftp.cixug.es_p443-20190303-0843.json
  42. 1041
      data/ssl/ftp.eenet.ee_p443-20190303-0835.json
  43. 1013
      data/ssl/ftp.fau.de_p443-20190303-0837.json
  44. 943
      data/ssl/ftp.gwdg.de_p443-20190303-0837.json
  45. 3489
      data/ssl/ftp.harukasan.org_p443-20190303-0840.json
  46. 1053
      data/ssl/ftp.heanet.ie_p443-20190303-0839.json
  47. 943
      data/ssl/ftp.igh.cnrs.fr_p443-20190303-0837.json
  48. 3126
      data/ssl/ftp.osuosl.org_p443-20190303-0847.json
  49. 1090
      data/ssl/ftp.ussg.iu.edu_p443-20190303-0846.json
  50. 3989
      data/ssl/ftp.yz.yamagata-u.ac.jp_p443-20190303-0839.json
  51. 1013
      data/ssl/ftp.yzu.edu.tw_p443-20190303-0844.json
  52. 1083
      data/ssl/lib.ugent.be_p443-20190303-0809.json
  53. 1167
      data/ssl/mirror-hk.koddos.net_p443-20190303-0835.json
  54. 934
      data/ssl/mirror.aarnet.edu.au_p443-20190303-0749.json
  55. 1034
      data/ssl/mirror.cedia.org.ec_p443-20190303-0835.json
  56. 1004
      data/ssl/mirror.epn.edu.ec_p443-20190303-0835.json
  57. 1006
      data/ssl/mirror.ibcp.fr_p443-20190303-0837.json
  58. 1090
      data/ssl/mirror.its.dal.ca_p443-20190303-0835.json
  59. 993
      data/ssl/mirror.its.sfu.ca_p443-20190303-0835.json
  60. 1069
      data/ssl/mirror.las.iastate.edu_p443-20190303-0846.json
  61. 957
      data/ssl/mirror.lzu.edu.cn_p443-20190303-0835.json
  62. 1048
      data/ssl/mirrors.dotsrc.org_p443-20190303-0835.json
  63. 992
      data/ssl/mirrors.eliteu.cn_p443-20190303-0835.json
  64. 950
      data/ssl/mirrors.nic.cz_p443-20190303-0835.json
  65. 1033
      data/ssl/mirrors.shu.edu.cn_p443-20190303-0835.json
  66. 1897
      data/ssl/mirrors.tongji.edu.cn_p443-20190303-0835.json
  67. 1097
      data/ssl/mirrors.tuna.tsinghua.edu.cn_p443-20190303-0835.json
  68. 2311
      data/ssl/mirrors.ustc.edu.cn_p443-20190303-0835.json
  69. 1055
      data/ssl/muug.ca_p443-20190303-0835.json
  70. 1076
      data/ssl/pbil.univ-lyon1.fr_p443-20190303-0835.json
  71. 1134
      data/ssl/repo.bppt.go.id_p443-20190303-0839.json
  72. 1055
      data/ssl/rweb.crmda.ku.edu_p443-20190303-0846.json
  73. 1076
      data/ssl/stat.ethz.ch_p443-20190303-0844.json
  74. 1160
      data/ssl/vps.fmvz.usp.br_p443-20190303-0821.json
  75. 971
      data/ssl/wbc.upm.edu.my_p443-20190303-0841.json
  76. 1062
      data/ssl/www.freestatistics.org_p443-20190303-0807.json
  77. 1110
      data/ssl/www.icesi.edu.co_p443-20190303-0835.json
  78. 1076
      data/ssl/www.stats.bris.ac.uk_p443-20190303-0845.json
  79. 396
      orly.R
  80. 2531
      orly.html
  81. 1024
      orly.md
  82. BIN
      orly_files/figure-html/alt-names-ct-1.png
  83. BIN
      orly_files/figure-html/apache-history-1.png
  84. BIN
      orly_files/figure-html/cran-map-1.png
  85. BIN
      orly_files/figure-html/nginx-history-1.png
  86. BIN
      orly_files/figure-html/other-stuff-1.png
  87. BIN
      orly_files/figure-html/testssl-1.png

1062
data/ssl/brieger.esalq.usp.br_p443-20190303-0827.json

File diff suppressed because it is too large

3821
data/ssl/cloud.r-project.org_p443-20190303-0729.json

File diff suppressed because it is too large

1237
data/ssl/cran-r.c3sl.ufpr.br_p443-20190303-0811.json

File diff suppressed because it is too large

1027
data/ssl/cran.asia_p443-20190303-0835.json

File diff suppressed because it is too large

1125
data/ssl/cran.biodisk.org_p443-20190303-0841.json

File diff suppressed because it is too large

969
data/ssl/cran.biotools.fr_p443-20190303-0837.json

@ -0,0 +1,969 @@
[
{
"id" : "service",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "TLS1_1",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-310",
"finding" : "not offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "secp256k1 prime256v1 secp384r1 secp521r1"
}
, {
"id" : "DH_groups",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "RFC3526/Oakley Group 14"
}
, {
"id" : "cipher_order",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "HIGH",
"finding" : "NOT a cipher order configured"
}
, {
"id" : "protocol_negotiated",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "LOW",
"finding" : "DHE-RSA-AES256-SHA256, 2048 bit DH (cbc) (matching cipher in list missing)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "at (matching cipher in list missing)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "at (matching cipher in list missing)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "at (matching cipher in list missing)"
}
, {
"id" : "cipher_order_TLSv1.1",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA at TLSv1.1 (matching cipher in list missing)"
}
, {
"id" : "cipher_order_TLSv1.2",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 at TLSv1.2 (matching cipher in list missing)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "at (matching cipher in list missing)"
}
, {
"id" : "TLS_extensions",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'heartbeat/#15'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 300 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "2048 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "2544949D7D776169E4D153C5A2098026"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "DECFA5C8E6229B6CA4EC0EED1AB68BFB6042A3A4"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "467CD69F0E79EF5F9C6190F475EADC904927A4412F043A1A0C1B6914A40315A8"
}
, {
"id" : "cert",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIG1zCCBb+gAwIBAgIQJUSUnX13YWnk0VPFogmAJjANBgkqhkiG9w0BAQsFADCB kDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNV BAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD QTAeFw0xODA4MzAwMDAwMDBaFw0yMDA4MzAyMzU5NTlaMFQxITAfBgNVBAsTGERv bWFpbiBDb250cm9sIFZhbGlkYXRlZDEUMBIGA1UECxMLUG9zaXRpdmVTU0wxGTAX BgNVBAMTEGNyYW4uYmlvdG9vbHMuZnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDfGZuxfKtN8Tk7oG0NbopNLThTqRPCEQSRPoj0PI7nbp9uA3kzTdoh JW8FbsBxW6nTFNPszluSyvWWzOOUHddwFGGUlB1xKAGv4bl6RujF+YyMAOidM6YV fdODwL5uaxtI+4qOForaD1svMAk6cBo3WllJQyCb9IHJPm8oJ7PZbfB98amDnfgU 0Sv5GUOg3h6PRnhmYP70tLctsZJ8/ImVjjHGRKr3HGGUuGy1gFLTB7tWR6XnP3ub 08+tJIH6WnXeFLamiI555iovi4716xztI6y0qs9z5WaXhJ+Vn0DLLC4L7bKnGTef eKhHjv8e899GFvAAKnKsS0nQaTrspEZPAgMBAAGjggNmMIIDYjAfBgNVHSMEGDAW gBSQr2o6lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQUOqr4OZVe70XTxYft1I75 fcozT4cwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYLKwYBBAGyMQECAgcwKzAp BggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EM AQIBMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NP TU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYUGCCsG AQUFBwEBBHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5jb21vZG9jYS5jb20v Q09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAkBggr BgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMDEGA1UdEQQqMCiCEGNy YW4uYmlvdG9vbHMuZnKCFHd3dy5jcmFuLmJpb3Rvb2xzLmZyMIIBfwYKKwYBBAHW eQIEAgSCAW8EggFrAWkAdgDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9 ywAAAWWKGumvAAAEAwBHMEUCIQDczpq3Ds+4IEkDqpbgGfkT8Ke6K/0umSP2cd70 AWkXawIgVs44jqfCMo5KPq8AwOSpPQsEp6lXGB55pKEK8Zef57kAdwBep3P531bA 57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAWWKGunwAAAEAwBIMEYCIQDIghl+ 90chehD/H2bnSi2fFX2WMiiIvn0BK/HLn8xEcgIhANt8b+iEfwL59ja/9i90ybRr ebP9H6dhGwPhZl2A6Z67AHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT 0wwAAAFlihrqfgAABAMARzBFAiAI/84XC2sJrf/99JjQbjkGErCk9Sufbg2HC2BZ SeVQ/AIhAIoVOVPP1Z8VOQ//zANccA6pe07Jai/nf5rm+Oe0MuZ/MA0GCSqGSIb3 DQEBCwUAA4IBAQBez3O9my525tZGv7N4YhUgT6cxOeCRipAIWXQAmBE3/Noet/4X vtTMxAZNQXNnai8WStPbePdvbfy/da83DtUwpw9QGleVCx9K6JMRqQby2eDQlo2I gL3IEZOMtRQkQtoXyvRlqVLgyyuSSP6F+BHEnpMAH41IRucW4PiBxy7g5iG64LKo OPKXD/fJ3bfvHy4ZsttqouhF569D3KpA1dn4nc05C431CnmG3fYdM9g4VrMurxEc SXL/zdx46aBMrGcm/PMc0Q7ZKNfNuSt4Pd96uCFegEkXHq1LmQu3u0OX5+B0fEjK KF0l5LOPwKmsEaSVUE9iuBJNQPF2ikrVur11 -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "cran.biotools.fr"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.biotools.fr"
}
, {
"id" : "cert_subjectAltName",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.biotools.fr www.cran.biotools.fr"
}
, {
"id" : "cert_caIssuers",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "COMODO RSA Domain Validation Secure Server CA (COMODO CA Limited from GB)"
}
, {
"id" : "cert_trust",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "546 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "2018-08-29 20:00"
}
, {
"id" : "cert_notAfter",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "2020-08-30 19:59"
}
, {
"id" : "certs_countServer",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "3"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.comodoca.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16"
}
, {
"id" : "banner_application",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/'"
}
, {
"id" : "security_headers",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable"
}
, {
"id" : "ROBOT",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable, no RSA key transport cipher"
}
, {
"id" : "secure_renego",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "potentially VULNERABLE, uses gzip HTTP compression - only supplied '/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "not vulnerable"
}
, {
"id" : "FREAK",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=467CD69F0E79EF5F9C6190F475EADC904927A4412F043A1A0C1B6914A40315A8"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "RFC3526/Oakley Group 14"
}
, {
"id" : "LOGJAM",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "BEAST",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "not vulnerable, no SSL3 or TLS1"
}
, {
"id" : "LUCKY13",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc030",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 521 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc028",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "xc028 ECDHE-RSA-AES256-SHA384 ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc014",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "xc014 ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x9f",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_x6b",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "x6b DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
}
, {
"id" : "cipher_x39",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_xc02f",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 521 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_x9e",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "scanTime",
"ip" : "cran.biotools.fr/87.98.155.219",
"port" : "443",
"severity" : "INFO",
"finding" : "95"
}
]

1169
data/ssl/cran.case.edu_p443-20190303-0846.json

File diff suppressed because it is too large

1020
data/ssl/cran.cnr.berkeley.edu_p443-20190303-0846.json

File diff suppressed because one or more lines are too long

1223
data/ssl/cran.csiro.au_p443-20190303-0743.json

File diff suppressed because it is too large

1062
data/ssl/cran.curtin.edu.au_p443-20190303-0759.json

File diff suppressed because it is too large

957
data/ssl/cran.dcc.uchile.cl_p443-20190303-0835.json

@ -0,0 +1,957 @@
[
{
"id" : "service",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "http/1.1"
}
, {
"id" : "cipherlist_NULL",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-310",
"finding" : "not offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "sect283k1 sect283r1 sect409k1 sect409r1 sect571k1 sect571r1 secp256k1 prime256v1 secp384r1 secp521r1 brainpoolP256r1 brainpoolP384r1 brainpoolP512r1"
}
, {
"id" : "DH_groups",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "RFC3526/Oakley Group 16"
}
, {
"id" : "cipher_order",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'heartbeat/#15' 'application layer protocol negotiation/#16'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 300 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "4096 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "037263D7DC596E718181F53998E4800BFCFD"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "CFCC361D319F3B7A2E3E5845EABA566AB7B18AF7"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "7C00DC768F4615751DEA14520FC22A4B9480ED26BCC98F971450D4CBAD4F2EBD"
}
, {
"id" : "cert",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIGXDCCBUSgAwIBAgISA3Jj19xZbnGBgfU5mOSAC/z9MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMjUxMDAwMThaFw0x OTA1MjYxMDAwMThaMB0xGzAZBgNVBAMTEmNyYW4uZGNjLnVjaGlsZS5jbDCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJdRVHamL4SQ/C796sDK0j3jpSPh U6l82OOy+X6o4FKF6uKRubeOBzwax4w5/+rUGIIzTlVducGecvoeDt1Mqqimn0rl U5D6jzEPPejA+plX4k6z59FMRXIUNUIp1k5Bz9Lchtf1lsUpS9KGgIf4jy2SntvM mKqD5fSQxV/uPHd0nCgPmjO+Ld5wlHREcpByamU0p71MoRJUVXDgrW0sZL5SaI5T Sp5renGnkwXyuZv2rUchWtfeOJhTUXeqw3T2CIguHkCY9T9ISAn1OdtoMGs7Q7ib 2mWIsfv0SXUQMxMHCgQ5NfxqNgoS/ELHXI07QuSdl7fD5fowbs4A5bk0lqYg6EbS elTdRxIVdMl7wvmi7z3UgDRQNlq+lK/fasLuNmr9pXqmiSQT5NqSO++1c15swVs9 bAuvQ6hjvjQt1ZhrvqnAGY1Mu4MnLUBFgs70/Wdweh54aLlxfh24P/M/mo4beRfY Z3OdnQlcL4UCnDuN1KilpYElZxtitmJRvni1THteOR5oiKQImiuubGjXj04+vK56 DAiYVGQQEbYY1N4FlBpmK+ts1pqPhJwMwfZVc2a6HAhATwbqphyuph7xARDmVCyz jpw5StJzfAs90MLT9mdQpN1NMlij7r4BldbM1d4MDqX750zfI+/7yR7WnrFhfhCC eRxsoV8X52NAF9B3AgMBAAGjggJnMIICYzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FNLlDrprjBQYDJh3BM0oV0wsrQeVMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISY3Jhbi5kY2MudWNo aWxlLmNsMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHYAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7zFYA AAFpJFAH7wAABAMARzBFAiEAtddE1fU/NbwHh/IA1X0GDiG7Cfb9CpAE6XVlu/Fw YMQCIGySDfuWpoVF74XGMD5YpuozWw7ABiLd1IcSI5SoCe5eAHYAY/Lbzeg7zCzP C3KEJ1drM6SNYXePvXWmOLHHaFRL2I0AAAFpJFAIAgAABAMARzBFAiAvD9KQHTdR XbYz54qM/pW0k5SjUlI+pYfj8h3l+AOtnAIhAOhq25E7p1mTWhxIAPniHLTrJvt9 inSVW8aJWiI+yJjIMA0GCSqGSIb3DQEBCwUAA4IBAQBq+L+MJf2L7F1Bm5iQXWAi lHmxOO3D7IPoVYABGlZw7DoCwrt2xXAx8kUFSVgXtLoMoSBsS+a8V0h06CBjMiB1 4tEI4VZyiX9uXdMMakeNy8Y1XoLu9/z9GN3F8XyMbZaAbhz3xddO90d7fmPw8JSK SadsGdaED155d8bwsNrOU6IgZwPD2Y5PjZEDokbm36mTGcxNredABZFHBld5BFM0 OxYmxxa9WYZrKAiKpRN9XLAz8LuUiceb9151HsS9HwN6Ly3j+Cr7BwZdMK4cfU3g JMHhZXrXyPtLA0mh/JF6bEJ9kZrBAYX3WzziwCl7zEG8rpzKtPhrJnwwxa3uUbPm -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "cran.dcc.uchile.cl"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.dcc.uchile.cl"
}
, {
"id" : "cert_subjectAltName",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.dcc.uchile.cl"
}
, {
"id" : "cert_caIssuers",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "Let's Encrypt Authority X3 (Let's Encrypt from US)"
}
, {
"id" : "cert_trust",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "83 >= 30 days"
}
, {
"id" : "cert_notBefore",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "2019-02-25 05:00"
}
, {
"id" : "cert_notAfter",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "2019-05-26 06:00"
}
, {
"id" : "certs_countServer",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "2"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "cert_ocspURL",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.int-x3.letsencrypt.org"
}
, {
"id" : "OCSP_stapling",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache/2.4.25 (Debian)"
}
, {
"id" : "banner_application",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/'"
}
, {
"id" : "security_headers",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable"
}
, {
"id" : "ROBOT",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable, no RSA key transport cipher"
}
, {
"id" : "secure_renego",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "potentially VULNERABLE, uses gzip HTTP compression - only supplied '/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "not vulnerable"
}
, {
"id" : "FREAK",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=7C00DC768F4615751DEA14520FC22A4B9480ED26BCC98F971450D4CBAD4F2EBD"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "RFC3526/Oakley Group 16"
}
, {
"id" : "LOGJAM",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA"
}
, {
"id" : "BEAST",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc030",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc028",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc014",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x9f",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "x9f DHE-RSA-AES256-GCM-SHA384 DH 4096 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_x6b",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "x6b DHE-RSA-AES256-SHA256 DH 4096 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
}
, {
"id" : "cipher_x39",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "x39 DHE-RSA-AES256-SHA DH 4096 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_xc02f",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_x9e",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "x9e DHE-RSA-AES128-GCM-SHA256 DH 4096 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 DHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 DHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "scanTime",
"ip" : "cran.dcc.uchile.cl/192.80.24.196",
"port" : "443",
"severity" : "INFO",
"finding" : "192"
}
]

1146
data/ssl/cran.fiocruz.br_p443-20190303-0817.json

File diff suppressed because it is too large

1076
data/ssl/cran.hafro.is_p443-20190303-0838.json

File diff suppressed because it is too large

1067
data/ssl/cran.ism.ac.jp_p443-20190303-0839.json

File diff suppressed because it is too large

1148
data/ssl/cran.itam.mx_p443-20190303-0841.json

File diff suppressed because it is too large

1097
data/ssl/cran.ma.imperial.ac.uk_p443-20190303-0846.json

File diff suppressed because it is too large

1055
data/ssl/cran.ms.unimelb.edu.au_p443-20190303-0753.json

File diff suppressed because it is too large

985
data/ssl/cran.mtu.edu_p443-20190303-0846.json

@ -0,0 +1,985 @@
[
{
"id" : "service",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "CRITICAL",
"finding" : "TLSv1.1 is not offered, and downgraded to a weaker protocol"
}
, {
"id" : "TLS1_2",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "TLS1_3",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "CRITICAL",
"cwe" : "CWE-327",
"finding" : "offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "HIGH",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "not offered"
}
, {
"id" : "PFS",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA"
}
, {
"id" : "DH_groups",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "RFC3526/Oakley Group 14"
}
, {
"id" : "cipher_order",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "HIGH",
"finding" : "NOT a cipher order configured"
}
, {
"id" : "protocol_negotiated",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "Default protocol TLS1.0"
}
, {
"id" : "cipher_negotiated",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "LOW",
"finding" : "DHE-RSA-AES256-SHA, 2048 bit DH (cbc) (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_TLSv1",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "DHE-RSA-AES256-SHA at TLSv1 (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "TLS_extensions",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "'server name/#0' 'renegotiation info/#65281' 'session ticket/#35'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "No lifetime advertised"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "off by -1 seconds from your localtime"
}
, {
"id" : "cert_numbers",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "2048 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "E3009B7FE7AC02D80A22C93FA4279D83"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "6F0D84709B307507D31FE66A45C554DDC61CCE71"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "B505C5C9CAAAAFE3AE693EC16BF2F65AEBFD6A77FDF06C17699A8482E2C07116"
}
, {
"id" : "cert",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIHHDCCBgSgAwIBAgIRAOMAm3/nrALYCiLJP6QnnYMwDQYJKoZIhvcNAQELBQAw djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgwODAzMDAwMDAwWhcNMjAwODAy MjM1OTU5WjCB1TELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTQ5OTMxMQswCQYDVQQI EwJNSTERMA8GA1UEBxMISG91Z2h0b24xHDAaBgNVBAkTEzE0MDAgVG93bnNlbmQg RHJpdmUxKjAoBgNVBAoTIU1pY2hpZ2FuIFRlY2hub2xvZ2ljYWwgVW5pdmVyc2l0 eTE1MDMGA1UECxMsSW5mb3JtYXRpb24gVGVjaG5vbG9neSBTZXJ2aWNlcyBhbmQg U2VjdXJpdHkxFTATBgNVBAMTDGNyYW4ubXR1LmVkdTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAOCvYftwxh1K8uTE/HC0RMB6j4czwJKce6iBu3u6zSlL 6RHQSb2deJaFRmAN/W94cNlEvJhxkSaPkhtpcZSSHv4Dk3dM1jmLLRETnJJmVpLF Zo1OWe1bfQA/vGIgSzl0yHDYeSbKlPtTlrRt+5eTu36cSVRo0PgYlo0gl1xixYys NNqd6v3Obi59Q2DKsglKtHcOFJ/gcb45USuE/+gJMVkxuRCzo/R+oxBDFqgk6xPH wZxjgXQtMcY9uTrfLgshPFaMq+1Oh9uZt0EcFj14pjPDJ4pD3Vaoe3kzp1fRhlGI BSCxdfbrErX+HNvfmWxEiqFl63yIN2AP1YWSKBJcNPUCAwEAAaOCA0MwggM/MB8G A1UdIwQYMBaAFB4Fo3ePbJbiW4dLprSGrHEADOc4MB0GA1UdDgQWBBSSa4l41iYZ FH11uc+BAAjXTWrupjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwZwYDVR0gBGAwXjBSBgwrBgEEAa4j AQQDAQEwQjBABggrBgEFBQcCARY0aHR0cHM6Ly93d3cuaW5jb21tb24ub3JnL2Nl cnQvcmVwb3NpdG9yeS9jcHNfc3NsLnBkZjAIBgZngQwBAgIwRAYDVR0fBD0wOzA5 oDegNYYzaHR0cDovL2NybC5pbmNvbW1vbi1yc2Eub3JnL0luQ29tbW9uUlNBU2Vy dmVyQ0EuY3JsMHUGCCsGAQUFBwEBBGkwZzA+BggrBgEFBQcwAoYyaHR0cDovL2Ny dC51c2VydHJ1c3QuY29tL0luQ29tbW9uUlNBU2VydmVyQ0FfMi5jcnQwJQYIKwYB BQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wFwYDVR0RBBAwDoIMY3Jh bi5tdHUuZWR1MIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwDuS723dc5guuFC aR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAWUBf//tAAAEAwBIMEYCIQCyoW+zciXn 4Rwvos/AW0LPjsjtlDMgieZw3fvxuHHksgIhAMTP0dSTyDOeh/OqaV3izdioCPMJ oQyUVYgYaoQJz5u7AHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgA AAFlAYAAOgAABAMARzBFAiABLXUg+CrTSp8MkMIU7A++2uaCFlgBzdhbfqaFsVEG twIhAIt5u+rgoTA7shthZZQyO8BUIhQuXHaVD7vJdagm4wDaAHYAVYHUwhaQNgFK 6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFlAYAAEAAABAMARzBFAiAi9K1OtMm7 3vimMjhY9n99zm10D0HzDnQgdJiOaC7/TwIhAKiSe46v+K8gB1rE7LoZ+H1zwC5s 32CLKOzVEAyimQhyMA0GCSqGSIb3DQEBCwUAA4IBAQCHQAQzGrbH0aB02iIXMpj4 302YWxVnOp/U8LqJ6Ehu5Nf/sXjrF8/DQbHgvhU1EiqH6V+McM4gglK9P44RH26L 8tnFukY8jwZ4dvkYthuxREAUvc4Xq5MhnJHj5jYsKTJoIBtXwD+FOtsRw7UEMhFN yBYLujcYjpXbhmXqUW8eTCHQ8MOonvfwiFA5o3c+8oFWfKE0BOXh0Jb3Hoor2kyb 7pUXS6lnpWcMES6DMerAtjocsEd6zBJ4E8x4dCZ+Kb6l3eavtKFCj0EUAxqTlXPX MeXQlYpN9M00+VB35KqFYTYjfgsGEhjbAi/Z4p6mcyouvkaUypSOIW2Zo7mXmzeg -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "cran.mtu.edu"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.mtu.edu"
}
, {
"id" : "cert_subjectAltName",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.mtu.edu"
}
, {
"id" : "cert_caIssuers",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "InCommon RSA Server CA (Internet2 from US)"
}
, {
"id" : "cert_trust",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "518 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "2018-08-02 20:00"
}
, {
"id" : "cert_notAfter",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "2020-08-02 19:59"
}
, {
"id" : "certs_countServer",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "5"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "LOW",
"finding" : "yes"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "http://crl.incommon-rsa.org/InCommonRSAServerCA.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.usertrust.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "iodef=mailto:security@mtu.edu, issue=comodoca.com, issue=comodo.com, issue=digicert.com, issue=globalsign.com, issuewild=comodoca.com, issuewild=comodo.com"
}
, {
"id" : "certificate_transparency",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache"
}
, {
"id" : "banner_application",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/'"
}
, {
"id" : "security_headers",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable, no heartbeat extension"
}
, {
"id" : "CCS",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable, returned potential memory fragments do not differ"
}
, {
"id" : "ROBOT",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable"
}
, {
"id" : "secure_renego",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no HTTP compression - only supplied '/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"finding" : "no protocol below TLS 1 offered"
}
, {
"id" : "SWEET32",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "uses 64 bit block ciphers"
}
, {
"id" : "FREAK",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=B505C5C9CAAAAFE3AE693EC16BF2F65AEBFD6A77FDF06C17699A8482E2C07116"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "RFC3526/Oakley Group 14"
}
, {
"id" : "LOGJAM",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "DHE-RSA-AES256-SHA AES256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA AES128-SHA SEED-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA"
}
, {
"id" : "BEAST",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- and no higher protocols as mitigation supported"
}
, {
"id" : "LUCKY13",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "VULNERABLE, Detected ciphers: RC4-SHA RC4-MD5"
}
, {
"id" : "cipher_x39",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x35",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x33",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x9a",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x9a DHE-RSA-SEED-SHA DH 2048 SEED 128 TLS_DHE_RSA_WITH_SEED_CBC_SHA"
}
, {
"id" : "cipher_x2f",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x96",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x96 SEED-SHA RSA SEED 128 TLS_RSA_WITH_SEED_CBC_SHA"
}
, {
"id" : "cipher_x05",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x05 RC4-SHA RSA RC4 128 TLS_RSA_WITH_RC4_128_SHA"
}
, {
"id" : "cipher_x04",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x04 RC4-MD5 RSA RC4 128 TLS_RSA_WITH_RC4_128_MD5"
}
, {
"id" : "cipher_x16",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x16 EDH-RSA-DES-CBC3-SHA DH 2048 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "cipher_x0a",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 RC4-MD5"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "scanTime",
"ip" : "cran.mtu.edu/141.219.191.249",
"port" : "443",
"severity" : "INFO",
"finding" : "146"
}
]

1027
data/ssl/cran.ncc.metu.edu.tr_p443-20190303-0845.json

File diff suppressed because it is too large

1048
data/ssl/cran.pau.edu.tr_p443-20190303-0845.json

File diff suppressed because it is too large

2003
data/ssl/cran.rapporter.net_p443-20190303-0838.json

File diff suppressed because it is too large

1148
data/ssl/cran.rediris.es_p443-20190303-0843.json

File diff suppressed because it is too large

999
data/ssl/cran.revolutionanalytics.com_p443-20190303-0847.json

@ -0,0 +1,999 @@
[
{
"id" : "service",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "offered with h2, http/1.1 (advertised)"
}
, {
"id" : "ALPN_HTTP2",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "h2"
}
, {
"id" : "ALPN",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "http/1.1"
}
, {
"id" : "cipherlist_NULL",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "HIGH",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "prime256v1"
}
, {
"id" : "DH_groups",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "Unknown DH group (2048 bits)"
}
, {
"id" : "cipher_order",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DES-CBC3-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DES-CBC3-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DES-CBC3-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'heartbeat/#15' 'next protocol/#13172' 'application layer protocol negotiation/#16'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 300 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "not supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "2048 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment, Data Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "2D00028FD7B6787DC4B44EB637000000028FD7"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "1DF666EE50F17B365F30EF9697D6FE18BC7C1298"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "5FFA159C93531679BF4815072F784C5EC34119109D6096FAEA7246DADA331A09"
}
, {
"id" : "cert",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIII4zCCBsugAwIBAgITLQACj9e2eH3EtE62NwAAAAKP1zANBgkqhkiG9w0BAQsF ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UE CxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDUw HhcNMTgwNDE0MjEzMjEwWhcNMjAwNDE0MjEzMjEwWjAnMSUwIwYDVQQDExxtcmFu LnJldm9sdXRpb25hbmFseXRpY3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAwBLWhXDBj4pX8hB3nvPmQcQe+8IF/fv5VuuVGyKUKaQpb1p3oI2p 9AKzqkq2yzFXoxGsCkHpmYq3+fn94kRyZSvZklXjrL1fYxUz2b6iwMk+x3MdQtGa Q5dFEDwjxCm5haoy/LvUV9V6Dum6LVcKfYao0FHsVH9OIEqWut10kv/pxhj4j5w0 RrtE7zXvj4ObdOyXVXZK11eK/ymQiElOeALUeUyWVwnrazDtTHTjxeE8pty1WMbo TEXao79pKeLVjUMVQFGlQDC+6Afp5dy3B742yPfU9w4M15yLhq9rtNOPCzCHdpNN ocsdF+dDhlEEYQeMZBCO1WQui4+yY+3v+QIDAQABo4IEoTCCBJ0wggH3BgorBgEE AdZ5AgQCBIIB5wSCAeMB4QB2ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3v i5BeAAABYsYb0sUAAAQDAEcwRQIgUs97XgCdCZXWu/JmnOE4upZ/T2MGZp2CqQie Jxf4aeECIQC4HFhrn7b6p+RypRDz0UqR/Wr7EfNbqw3ucIDYSkfKNQB3AId1v+dZ fPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABYsYb03QAAAQDAEgwRgIhALIp RxKLWqfIxfCE9ZTdVQMaRORrZgpjityM1BgH+dYaAiEAqQgawjRWUM1SWdZyO4nM GPzot79nl5XCYviZF63E++4AdgDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJ eqj9ywAAAWLGG9XeAAAEAwBHMEUCIA2RIxRWWIfEsss3KxxqaiAWM4FLI+jRiLHg kyrp/1m8AiEA0vomiVymg89wuqAEdDs0WjMntqXI4gp7DzCQoJjCq0cAdgBvU3as MfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWLGG9YcAAAEAwBHMEUCIH1q Z7/4m2EYF2mLmq9Fh/Bww4Qo6dX1zAtjnseWf+6eAiEAy0KZCAixYwqjA9lUOnw+ oCo3EhmqL9YUtRQXHn7fyJ8wJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAK BggrBgEFBQcDATA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiH2oZ1g+7ZAYLJ hRuBtZ5hhfTrYIFdhNLfQoLnk3oCAWQCAR0wgYUGCCsGAQUFBwEBBHkwdzBRBggr BgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvTWlj cm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDUuY3J0MCIGCCsGAQUFBzABhhZodHRw Oi8vb2NzcC5tc29jc3AuY29tMB0GA1UdDgQWBBTJmEOwJeGrpEWa8/FWqqnt9bQL fjALBgNVHQ8EBAMCBLAwRQYDVR0RBD4wPIIcbXJhbi5yZXZvbHV0aW9uYW5hbHl0 aWNzLmNvbYIcY3Jhbi5yZXZvbHV0aW9uYW5hbHl0aWNzLmNvbTCBrAYDVR0fBIGk MIGhMIGeoIGboIGYhktodHRwOi8vbXNjcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNj b3JwL2NybC9NaWNyb3NvZnQlMjBJVCUyMFRMUyUyMENBJTIwNS5jcmyGSWh0dHA6 Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBJ VCUyMFRMUyUyMENBJTIwNS5jcmwwTQYDVR0gBEYwRDBCBgkrBgEEAYI3KgEwNTAz BggrBgEFBQcCARYnaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAv Y3BzMB8GA1UdIwQYMBaAFAj+JZ906ocEwry7jqg4XzPG0WxlMB0GA1UdJQQWMBQG CCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAgEAEvEoTPLByN8V K6gdc4DfhuJGecesaoLqcWNnLUpdjRNt50JP/1pJRNppKIXbOkVRfMlb5342LGs9 46qra5rw6q69X6mtSwsBOyA1p1q9vzyq/SV9c+X68OouMch/lXTzKzi21I4Pz3cj U4TB+7uoa5dPa+O4NMN/eMkjPrmiIVxNRjnQk094XGifaKGEs0Gl+D970ZQsPwXK rv+2NriFRgU/AXSUQigtDHDgpBjCulcGapJejDh5blaVlON4RVoKiwQhm0fd46KN kWXeIt/YHuTj2oxJQeUq51GCHAlgbglkU4lv44oKkZUwThgwLuafidvw6IBwMg5Q uw0NaLogMmA2ofzS+koGjcG4O3HzpakVvKZvyss62/pWkCI4FbjpE/dS3BBWDZgv OasHZZBHbUhRgANhE4HZhx3UsvXnRQONa5L+DvBKBmO/2Xb0GttbUEppvp40z4ei d7br6+X1qkKiITpJfHpwKWrPT9Fxk8WVdIT7VcB/6spvPoiONiP/MThsafSmaYiT Yi3abk/QXzpDaanLXwX8ilNI6Y6Dq1kKXbG40XD+MiIHX4HQ7E3jOVvoRuJlbl+S 35mSfRASahVV/DfpD1rTH1bzqqHlPjWBDDszDfMGOtRt8BhESwEwUW57XH51/cyJ pTAuTFdTWN38yJswBPN+CuadsYS0h/c= -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "mran.revolutionanalytics.com"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.microsoft.com"
}
, {
"id" : "cert_subjectAltName",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "mran.revolutionanalytics.com cran.revolutionanalytics.com"
}
, {
"id" : "cert_caIssuers",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "Microsoft IT TLS CA 5 (Microsoft Corporation from US)"
}
, {
"id" : "cert_trust",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN (SNI mandatory)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "408 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "2018-04-14 17:32"
}
, {
"id" : "cert_notAfter",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "2020-04-14 17:32"
}
, {
"id" : "certs_countServer",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "3"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "LOW",
"finding" : "yes"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%205.crl http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%205.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.msocsp.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "nginx/1.10.3 (Ubuntu)"
}
, {
"id" : "banner_application",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/'"
}
, {
"id" : "security_headers",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable"
}
, {
"id" : "ROBOT",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable"
}
, {
"id" : "secure_renego",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "potentially VULNERABLE, uses gzip HTTP compression - only supplied '/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "uses 64 bit block ciphers"
}
, {
"id" : "FREAK",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=5FFA159C93531679BF4815072F784C5EC34119109D6096FAEA7246DADA331A09"
}
, {
"id" : "LOGJAM",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "--"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DES-CBC3-SHA"
}
, {
"id" : "BEAST",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc030",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc028",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc014",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x9f",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_x6b",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "x6b DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
}
, {
"id" : "cipher_x39",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_xc02f",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc027",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_xc013",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x9e",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_x67",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "x67 DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_x33",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x0a",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DES-CBC3-SHA"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "scanTime",
"ip" : "cran.revolutionanalytics.com/13.66.202.75",
"port" : "443",
"severity" : "INFO",
"finding" : "136"
}
]

1088
data/ssl/cran.seoul.go.kr_p443-20190303-0841.json

File diff suppressed because it is too large

992
data/ssl/cran.stat.auckland.ac.nz_p443-20190303-0841.json

@ -0,0 +1,992 @@
[
{
"id" : "service",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "HIGH",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "prime256v1"
}
, {
"id" : "cipher_order",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA AES256-SHA ECDHE-RSA-AES128-SHA AES128-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA AES256-SHA ECDHE-RSA-AES128-SHA AES128-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES256-GCM-SHA384 AES256-SHA256 AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'heartbeat/#15'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 300 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "off by -1 seconds from your localtime"
}
, {
"id" : "cert_numbers",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "2048 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "779F1FD9081DF0799C47C0810134B96BD7A6854B"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "2B0729326DD7410400ABE543EB920B7EBCACEC38"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "47F0F2AC02C00EFC8116A9342EEF585571C99A279730CB68F7426D807100215B"
}
, {
"id" : "cert",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIHqjCCBZKgAwIBAgIUd58f2Qgd8HmcR8CBATS5a9emhUswDQYJKoZIhvcNAQEL BQAwTTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxIzAh BgNVBAMTGlF1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBIEczMB4XDTE5MDExNTAwNTMw NFoXDTIxMDExNTAxMDIwMFowgaUxCzAJBgNVBAYTAk5aMREwDwYDVQQIDAhBdWNr bGFuZDERMA8GA1UEBwwIQXVja2xhbmQxIzAhBgNVBAoMGlRoZSBVbml2ZXJzaXR5 IG9mIEF1Y2tsYW5kMSgwJgYDVQQLDB9JbmZvcm1hdGlvbiBUZWNobm9sb2d5IFNl cnZpY2VzMSEwHwYDVQQDDBhjcmFuLnN0YXQuYXVja2xhbmQuYWMubnowggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnGJMKzE3aBLgDk1A5mUuPBICPpU2K CrisxWOvOCOGVuGQq7GVXUnXkS5Iu96pmSX8tmRvljuTapBjvBTZ0gLG4a6AD9/7 kSLOsdL+VZOQ+MhWXoSerlLDa4v7Gpw1ZiqocFzC8ULHvFDJUGjTBaN1eRN6bJQj 4sHW4Edc2rUuoDedQx/rvr6jLuttQ99S6ZjJMlIDRFQvVW0EBzXflst2B7tEbWhK fO3HhPqzEmWQSId3TP9x49ap5IsfOE9Ks8OBJn+AYd9tBlaVjO+qAvLEDq0Ip/Fe lstoG9WIps98wU/Kh/mI43xi40DOAcRraZxW7kAJSz2FH3MjcaLEOgKbAgMBAAGj ggMnMIIDIzAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFLMSibWpSzW8FQDwgOnYeIfx E3x2MHMGCCsGAQUFBwEBBGcwZTA3BggrBgEFBQcwAoYraHR0cDovL3RydXN0LnF1 b3ZhZGlzZ2xvYmFsLmNvbS9xdnNzbGczLmNydDAqBggrBgEFBQcwAYYeaHR0cDov L29jc3AucXVvdmFkaXNnbG9iYWwuY29tMCMGA1UdEQQcMBqCGGNyYW4uc3RhdC5h dWNrbGFuZC5hYy5uejBRBgNVHSAESjBIMEYGDCsGAQQBvlgAAmQBATA2MDQGCCsG AQUFBwIBFihodHRwOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5 MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA6BgNVHR8EMzAxMC+gLaAr hilodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnNzbGczLmNybDAdBgNV HQ4EFgQUwB+F/Ydl6qDtYXHVCKhlRtkSuR0wDgYDVR0PAQH/BAQDAgWgMIIBfAYK KwYBBAHWeQIEAgSCAWwEggFoAWYAdQBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDv lJhV1onQ3QAAAWhPCISHAAAEAwBGMEQCIEQg6GIJYenKW6+JZSXcXnbREAO7dq4P sUsA999i1ySBAiA5tR21kLix1eAM5NuWxLRNyjNDWF6zgk6e4YKtEJs2EwB1AG9T dqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABaE8IhVkAAAQDAEYwRAIg S6Tc/WjoUMpFz2TZcRCJvLakYPOmVXMHVAQVBcfqyQ8CIAGdYJ3YPy2bkCmPVtNb 5QVa/ilXkjmGSKfrYWKZ6KQUAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7 iXqo/csAAAFoTwiEgwAABAMARzBFAiEAqMolUYU7hX/SaP5bTzybY7VGVF90QjGI PSW/q2rC6ccCIGdtErW+z3VZlT1jFS5vUTyakgoRBIXrn6FHxpISNqGFMA0GCSqG SIb3DQEBCwUAA4ICAQBdlt+Ue30gtSDHJuN/v5zF7SM+v5YTenX2gC4lPTd2vHV5 IVBTxsxlNyezNQvfS5e2SGYmW6CDY1FhSvlwYGwGTGpuk/U7cGQXPuk2fJMCuxMX E3TTu5YRZEjNQMwwoj0+ZMrHzSqx4z2bRyiicdpL0xpa511gLZc9vQfxeiEv5+Xy nxOjNKUuTHFE4HI2QVt9dgI9OTeFSaa6eECzXtWDQahjer+GbkL2w2M3IgEkbXd1 s7cIGCX+Jkg8UCB/mRWjoMrhrfPnN1F0guZcmWuaGV08xv0BSSflQYDhFIFMouiv 1So4RrPi7osp4VITwCvIF9a6YbfL5u5I6ORzOBuYfhPWCMvJgk5awyCvb0pwVNpy zN5+knSRVbpbiowlURfa84dp+HYXR9/aAaUKnBgMLdZcC4yCBAt13vv+LaSAZVii eBDNvfj+8BPSNknrteORoFJjYlhuzHevJBifxNRuhRYF7GSl1ufe6FDXzao4+s57 lhuIJb2R98EIo2BPjY1VfWF9hmdf4mH7eD2UZFT62etZ2+uP/4PGdniXeMAJ76Zd zfyfnm2idmNyJF4TOP76GphgQjlLB0bcxDrc+RLltqlrHhfh8kn1G9iVZVkDT8G3 IVS5uaxCkimgzRHz1K6Z+vSYU0zyZcPBiuGLDL+o+2lT7eotrhIBWaOsnjxrGQ== -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "cran.stat.auckland.ac.nz"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.stat.auckland.ac.nz"
}
, {
"id" : "cert_subjectAltName",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "cran.stat.auckland.ac.nz"
}
, {
"id" : "cert_caIssuers",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "QuoVadis Global SSL ICA G3 (QuoVadis Limited from BM)"
}
, {
"id" : "cert_trust",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "683 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "2019-01-14 19:53"
}
, {
"id" : "cert_notAfter",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "2021-01-14 20:02"
}
, {
"id" : "certs_countServer",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "3"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "http://crl.quovadisglobal.com/qvsslg3.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.quovadisglobal.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache/2.2.15 (Red Hat)"
}
, {
"id" : "banner_application",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/'"
}
, {
"id" : "security_headers",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable, returned potential memory fragments do not differ"
}
, {
"id" : "ROBOT",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable"
}
, {
"id" : "secure_renego",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no HTTP compression - only supplied '/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "uses 64 bit block ciphers"
}
, {
"id" : "FREAK",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=47F0F2AC02C00EFC8116A9342EEF585571C99A279730CB68F7426D807100215B"
}
, {
"id" : "LOGJAM",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "no DH key with <= TLS 1.2"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-RSA-AES256-SHA AES256-SHA ECDHE-RSA-AES128-SHA AES128-SHA ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA"
}
, {
"id" : "BEAST",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc030",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc028",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc014",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x9d",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_x3d",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256"
}
, {
"id" : "cipher_x35",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_xc02f",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc027",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_xc013",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x9c",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_x3c",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_x2f",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_xc012",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "xc012 ECDHE-RSA-DES-CBC3-SHA ECDH 256 3DES 168 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "cipher_x0a",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DES-CBC3-SHA"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "scanTime",
"ip" : "cran.stat.auckland.ac.nz/130.216.2.235",
"port" : "443",
"severity" : "INFO",
"finding" : "345"
}
]

1111
data/ssl/cran.stat.nus.edu.sg_p443-20190303-0842.json

File diff suppressed because it is too large

1188
data/ssl/cran.stat.unipd.it_p443-20190303-0839.json

File diff suppressed because it is too large

1083
data/ssl/cran.stat.upd.edu.ph_p443-20190303-0842.json

File diff suppressed because it is too large

1076
data/ssl/cran.uib.no_p443-20190303-0842.json

File diff suppressed because it is too large

1076
data/ssl/cran.um.ac.ir_p443-20190303-0839.json

File diff suppressed because it is too large

1188
data/ssl/cran.uni-muenster.de_p443-20190303-0838.json

File diff suppressed because it is too large

1020
data/ssl/cran.univ-paris1.fr_p443-20190303-0837.json

File diff suppressed because it is too large

1027
data/ssl/cran.usthb.dz_p443-20190303-0733.json

File diff suppressed because it is too large

1076
data/ssl/cran.wu.ac.at_p443-20190303-0804.json

File diff suppressed because it is too large

1120
data/ssl/cran.yu.ac.kr_p443-20190303-0840.json

File diff suppressed because it is too large

1048
data/ssl/dirichlet.mat.puc.cl_p443-20190303-0835.json

File diff suppressed because it is too large

1034
data/ssl/espejito.fder.edu.uy_p443-20190303-0848.json

File diff suppressed because it is too large

2615
data/ssl/fourdots.com_p443-20190303-0842.json

File diff suppressed because it is too large

2017
data/ssl/ftp.acc.umu.se_p443-20190303-0843.json

File diff suppressed because it is too large

1055
data/ssl/ftp.cc.uoc.gr_p443-20190303-0838.json

File diff suppressed because it is too large

1075
data/ssl/ftp.cixug.es_p443-20190303-0843.json

File diff suppressed because it is too large

1041
data/ssl/ftp.eenet.ee_p443-20190303-0835.json

File diff suppressed because it is too large

1013
data/ssl/ftp.fau.de_p443-20190303-0837.json

File diff suppressed because it is too large

943
data/ssl/ftp.gwdg.de_p443-20190303-0837.json

@ -0,0 +1,943 @@
[
{
"id" : "service",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "offered with http/1.1 (advertised)"
}
, {
"id" : "ALPN",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-310",
"finding" : "not offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "secp384r1"
}
, {
"id" : "cipher_order",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "'renegotiation info/#65281' 'EC point formats/#11' 'heartbeat/#15' 'next protocol/#13172'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "No lifetime advertised"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "2048 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "1BADB95D3A39B9"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "27A291E308968B073880AD6FB1861D4FF82B22E0"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "9D66C1E08A5C85BC332647C8C9413574A9F907DF55510218AC8FAC70D3D4D47B"
}
, {
"id" : "cert",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIGXTCCBUWgAwIBAgIHG625XTo5uTANBgkqhkiG9w0BAQsFADCBuzELMAkGA1UE BhMCREUxFjAUBgNVBAgTDU5JRURFUlNBQ0hTRU4xEzARBgNVBAcTCkdPRVRUSU5H RU4xPjA8BgNVBAoTNUdlc2VsbHNjaGFmdCBmdWVyIHdpc3NlbnNjaGFmdGxpY2hl IERhdGVudmVyYXJiZWl0dW5nMQ0wCwYDVQQLEwRHV0RHMRAwDgYDVQQDEwdHV0RH IENBMR4wHAYJKoZIhvcNAQkBFg9nd2RnLWNhQGd3ZGcuZGUwHhcNMTYwNzE5MTQ0 MDE0WhcNMTkwNzA5MjM1OTAwWjCBkTELMAkGA1UEBhMCREUxFjAUBgNVBAgMDU5J RURFUlNBQ0hTRU4xEzARBgNVBAcMCkdPRVRUSU5HRU4xPjA8BgNVBAoMNUdlc2Vs bHNjaGFmdCBmdWVyIHdpc3NlbnNjaGFmdGxpY2hlIERhdGVudmVyYXJiZWl0dW5n MRUwEwYDVQQDDAxmdHA2Lmd3ZGcuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDfFNxgwEBFYdFVewOYZReyjfBxC0wyWl0U6aazPYpCEP1GOYmX+qHT FPZwov5nhQfwmEymXsxJG9oS3BqCPiwINrmsAaHH9byREha/ZXTSCZrHJnP9LIRk ph6PxewZ2lhvXklkkmtm9UwtIndZeYqSVyWQAbY70QRreIDk5uifdC7yqCjziLFh TLipJEQmiQEjQcVY56rxQMhpGEO06Tk/X2dIvlSCQnXo++I06rXDeIhwhMjH1a9O RATbLcu1AaGjXj/cY49NP6gINH6j8ebpagAb2HnUEcQeswdJ+bnkHk1y38XU/lJ5 maL6tNdcvQDfP8uSCV82aKhGBk+qseRtAgMBAAGjggKMMIICiDBZBgNVHSAEUjBQ MBEGDysGAQQBga0hgiwBAQQDBTARBg8rBgEEAYGtIYIsAgEEAwEwDwYNKwYBBAGB rSGCLAEBBDANBgsrBgEEAYGtIYIsHjAIBgZngQwBAgIwCQYDVR0TBAIwADAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud DgQWBBRpjFFkh2wkjLZ8JK0iK8XJrxDMNDAfBgNVHSMEGDAWgBSm5P+Y/eVJMn5c dfIWok2MdDXeIjBqBgNVHREEYzBhggtmdHAuZ3dkZy5kZYIMZnRwMS5nd2RnLmRl ggxmdHAyLmd3ZGcuZGWCDGZ0cDMuZ3dkZy5kZYIMZnRwNC5nd2RnLmRlggxmdHA1 Lmd3ZGcuZGWCDGZ0cDYuZ3dkZy5kZTB5BgNVHR8EcjBwMDagNKAyhjBodHRwOi8v Y2RwMS5wY2EuZGZuLmRlL2d3ZGctY2EvcHViL2NybC9jYWNybC5jcmwwNqA0oDKG MGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZ3dkZy1jYS9wdWIvY3JsL2NhY3JsLmNy bDCByQYIKwYBBQUHAQEEgbwwgbkwMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBj YS5kZm4uZGUvT0NTUC1TZXJ2ZXIvT0NTUDBABggrBgEFBQcwAoY0aHR0cDovL2Nk cDEucGNhLmRmbi5kZS9nd2RnLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDBABggr BgEFBQcwAoY0aHR0cDovL2NkcDIucGNhLmRmbi5kZS9nd2RnLWNhL3B1Yi9jYWNl cnQvY2FjZXJ0LmNydDANBgkqhkiG9w0BAQsFAAOCAQEAe1wkpGnnPQ5E70fpUsWy PcqKgyzWg6ShNG9oSomz1ITBP1pCpgvwGXk7eI3dQ2IphgBUS64p7aXFHWJJ3KoU JmGcqNQzjhllknzz3aCMkB8LqEzZ708U0+p5WlmZv1Fh3TWaSPWTGrfx7Y01rb5c zoOKgd9qp16ggiYoSHOEi3247aTHgEz0cxU9YX4Z5R5DHRLWKNQIJVm+FLUtgt4W fDiQpaZBjZK/V4dlgjEH5pQVwPvb6bFOW8BrIDB6a17ggkWCkX6hog5H6KNAaU0Z 3N4UrxXyY2o7wYvqCBdnUjmDlz/XlvieQ1+w9FAYQfPMiwyDpq6VEM1IXjCeUoM7 NA== -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "ftp6.gwdg.de"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "ftp6.gwdg.de"
}
, {
"id" : "cert_subjectAltName",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "ftp.gwdg.de ftp1.gwdg.de ftp2.gwdg.de ftp3.gwdg.de ftp4.gwdg.de ftp5.gwdg.de ftp6.gwdg.de"
}
, {
"id" : "cert_caIssuers",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "GWDG CA (Gesellschaft fuer wissenschaftliche Datenverarbeitung from DE)"
}
, {
"id" : "cert_trust",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "128 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "2016-07-19 10:40"
}
, {
"id" : "cert_notAfter",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "2019-07-09 19:59"
}
, {
"id" : "certs_countServer",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "3"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "http://cdp1.pca.dfn.de/gwdg-ca/pub/crl/cacrl.crl http://cdp2.pca.dfn.de/gwdg-ca/pub/crl/cacrl.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.pca.dfn.de/OCSP-Server/OCSP"
}
, {
"id" : "OCSP_stapling",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "HTTP_status_code",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/pub/misc/cran/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "-69 seconds from localtime"
}
, {
"id" : "HSTS_time",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "730 days (=63072000 seconds) > 15465600 seconds"
}
, {
"id" : "HSTS_subdomains",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "includes subdomains"
}
, {
"id" : "HSTS_preload",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "domain IS marked for preloading"
}
, {
"id" : "HPKP",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "nginx/1.15.9"
}
, {
"id" : "banner_application",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/pub/misc/cran/'"
}
, {
"id" : "X-Frame-Options",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "SAMEORIGIN"
}
, {
"id" : "X-Content-Type-Options",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "nosniff"
}
, {
"id" : "banner_reverseproxy",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "no session ticket extension"
}
, {
"id" : "ROBOT",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable, no RSA key transport cipher"
}
, {
"id" : "secure_renego",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no HTTP compression - only supplied '/pub/misc/cran/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "not vulnerable"
}
, {
"id" : "FREAK",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=9D66C1E08A5C85BC332647C8C9413574A9F907DF55510218AC8FAC70D3D4D47B"
}
, {
"id" : "LOGJAM",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "no DH key with <= TLS 1.2"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-RSA-AES256-SHA"
}
, {
"id" : "BEAST",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc030",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 384 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc028",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "xc028 ECDHE-RSA-AES256-SHA384 ECDH 384 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc014",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "xc014 ECDHE-RSA-AES256-SHA ECDH 384 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_xc02f",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 384 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "scanTime",
"ip" : "ftp.gwdg.de/134.76.12.6",
"port" : "443",
"severity" : "INFO",
"finding" : "111"
}
]

3489
data/ssl/ftp.harukasan.org_p443-20190303-0840.json

File diff suppressed because it is too large

1053
data/ssl/ftp.heanet.ie_p443-20190303-0839.json

File diff suppressed because it is too large

943
data/ssl/ftp.igh.cnrs.fr_p443-20190303-0837.json

@ -0,0 +1,943 @@
[
{
"id" : "service",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "offered with http/1.1 (advertised)"
}
, {
"id" : "ALPN",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-310",
"finding" : "not offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "prime256v1"
}
, {
"id" : "cipher_order",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'heartbeat/#15' 'next protocol/#13172'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 300 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "256 EC bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "0499DF575990573957ECE8EA437972E75ECE"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "5B25EE1C2C5DE5CFA70B9D9F4910ADDA0FE7B2D8"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "DF5D82F5EBB16EF983740A1C5E0774F607FD44C381B07D145F1A1EEDE0E5FFED"
}
, {
"id" : "cert",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIEizCCA3OgAwIBAgISBJnfV1mQVzlX7OjqQ3ly517OMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMTcxNTM4MThaFw0x OTA0MTcxNTM4MThaMBoxGDAWBgNVBAMTD2Z0cC5pZ2guY25ycy5mcjBZMBMGByqG SM49AgEGCCqGSM49AwEHA0IABIACMfESW4YAHv0ZTkjB8Ph8MLBtcqL2zW1c+NRv x83igyiMHlSE4SELgbRi2J2OyExDKS58lVoBDFmKhlLH5BOjggJkMIICYDAOBgNV HQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud EwEB/wQCMAAwHQYDVR0OBBYEFNZ5GVIipthJaNzyf7U0aLU7Zx3VMB8GA1UdIwQY MBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEF BQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEF BQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0R BBMwEYIPZnRwLmlnaC5jbnJzLmZyMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysG AQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQu b3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA4mlLribo6UAJ6IYbtjuD1D7n /nSI+6SPKJMBnd3x2/4AAAFoXK12pgAABAMARzBFAiB3TTKccelagCHt7QBenvTv Df4CWEDEqxwgXnk4K+iDBwIhAMerS5HoTmgKNKzaZfr9WHXDJ91vFgSEMQWWkyCS jvJ3AHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFoXK10pAAA BAMARzBFAiBl7KNUiahDjoYBe+k2H1it8BBYfrS3pcyiYttxwGz+wwIhAOuMkdR5 Kz2qnk6mIy6qam2q6GzOOr6q/d71Rv/E477dMA0GCSqGSIb3DQEBCwUAA4IBAQBw b3+9Q4Hzf+rzJ4CQ7fAOagTBALBOUgGaqZthLMGZvAB9PLzDsmda/cAIDTf9XB0Y NVjWyhib8vGD5f/hbb4O7FJCHELwL8cVOK3bu7ye+JhTzJPRZL6DkHR1wavxO07n SMfrgOrbpBVCbXCuexF8Wc6ERRlnVxGc16wlJmgI8HneKoVGPGvtiiostbt5pUpz KibHKI4RA0gDKQEtL63MqQSl7BoMAmNjvMxieygNU4tPRbKXxi1hP0NDBozUWIFH Ts0c3loBeYHlHQr4qJYJsURGZI6KyY+0gvZ3f5WEw1uKAtWodLqRxvgmij196Hvm bgZl1UT7GAuuHb6x15R0 -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "ftp.igh.cnrs.fr"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "ftp.igh.cnrs.fr"
}
, {
"id" : "cert_subjectAltName",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "ftp.igh.cnrs.fr"
}
, {
"id" : "cert_caIssuers",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "Let's Encrypt Authority X3 (Let's Encrypt from US)"
}
, {
"id" : "cert_trust",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "45 >= 30 days"
}
, {
"id" : "cert_notBefore",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "2019-01-17 10:38"
}
, {
"id" : "cert_notAfter",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "2019-04-17 11:38"
}
, {
"id" : "certs_countServer",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "2"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "cert_ocspURL",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.int-x3.letsencrypt.org"
}
, {
"id" : "OCSP_stapling",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "cert_ocspRevoked",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "not revoked"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/pub/CRAN/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "-31 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "nginx"
}
, {
"id" : "banner_application",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/pub/CRAN/'"
}
, {
"id" : "security_headers",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable"
}
, {
"id" : "ROBOT",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable, no RSA key transport cipher"
}
, {
"id" : "secure_renego",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no HTTP compression - only supplied '/pub/CRAN/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "not vulnerable"
}
, {
"id" : "FREAK",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "no RSA certificate, can't be used with SSLv2 elsewhere"
}
, {
"id" : "LOGJAM",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "no DH key with <= TLS 1.2"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA"
}
, {
"id" : "BEAST",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc02c",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc024",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "xc024 ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc00a",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_xc02b",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc023",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_xc009",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "scanTime",
"ip" : "ftp.igh.cnrs.fr/193.50.6.155",
"port" : "443",
"severity" : "INFO",
"finding" : "117"
}
]

3126
data/ssl/ftp.osuosl.org_p443-20190303-0847.json

File diff suppressed because it is too large

1090
data/ssl/ftp.ussg.iu.edu_p443-20190303-0846.json

File diff suppressed because it is too large

3989
data/ssl/ftp.yz.yamagata-u.ac.jp_p443-20190303-0839.json

File diff suppressed because it is too large

1013
data/ssl/ftp.yzu.edu.tw_p443-20190303-0844.json

File diff suppressed because it is too large

1083
data/ssl/lib.ugent.be_p443-20190303-0809.json

File diff suppressed because it is too large

1167
data/ssl/mirror-hk.koddos.net_p443-20190303-0835.json

File diff suppressed because it is too large

934
data/ssl/mirror.aarnet.edu.au_p443-20190303-0749.json

@ -0,0 +1,934 @@
[
{
"id" : "service",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "TLS1_1",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "is not offered"
}
, {
"id" : "TLS1_2",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "offered with final"
}
, {
"id" : "NPN",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-310",
"finding" : "not offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "prime256v1 secp384r1 secp521r1 X25519 X448"
}
, {
"id" : "cipher_order",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.3"
}
, {
"id" : "cipher_negotiated",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "cipherorder_TLSv1_3",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256"
}
, {
"id" : "TLS_extensions",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "'renegotiation info/#65281' 'server name/#0' 'EC point formats/#11' 'supported versions/#43' 'key share/#51' 'supported_groups/#10' 'max fragment length/#1' 'encrypt-then-mac/#22' 'extended master secret/#23'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No lifetime advertised"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "4096 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "26356A27ED83CA35E3689BC279FA90389E4DE361"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "B683F6AADCA60F8DD7858A808CD5DD69504408C7"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "0471A50FC4D923A9214E902E285AC592B34CE260EE18DFA4B3A753A32D6A9437"
}
, {
"id" : "cert",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIJfTCCB2WgAwIBAgIUJjVqJ+2DyjXjaJvCefqQOJ5N42EwDQYJKoZIhvcNAQEL BQAwSTELMAkGA1UEBhMCQk0xGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxHzAd BgNVBAMMFlF1b1ZhZGlzIEVWIFNTTCBJQ0EgRzMwHhcNMTgwMjIwMDMxOTIyWhcN MjAwMjIwMDMyOTAwWjCB1zETMBEGCysGAQQBgjc8AgEDEwJBVTEeMBwGA1UEDwwV Tm9uLUNvbW1lcmNpYWwgRW50aXR5MRcwFQYDVQQFEw41NCAwODQgNTQwIDUxODEL MAkGA1UEBhMCQVUxGDAWBgNVBAgMD05ldyBTb3V0aCBXYWxlczETMBEGA1UEBwwK Tm9ydGggUnlkZTEXMBUGA1UECgwOQUFSTkVUIFB0eSBMdGQxEzARBgNVBAsMCk9w ZXJhdGlvbnMxHTAbBgNVBAMMFG1pcnJvci5hYXJuZXQuZWR1LmF1MIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtQH9lHljF+yZO+DVoUrMnRztw4/2in5Q LN+Ex8p/fHSlQiKTs0Cst6zWBAz/UD1CfWe+rkVNEZi5dvUx5nL9+DeUMyyXZZ6m T0v4I2Iw9Jxe0xoS5Sj9IVjHphdV73RIHAO/JecZGdTO6T8+U0a0h7SyLxMl73pn NcOH1ZE03uyMkdmcd9VvPYFci+SXXkyPg5lBhTc51kbT6+Ya3i9OwSDfiOl3NO6U n6hBKhqY2rSUmsxSITE4xifyYpNrelRqf3/W9cYumv91uijfGJGEbD4zu7jnv24t f3o0fN9NdD6agjNWcf3Atf+vimURk2Nx1vIjvFZ5Vs9y8NgrkgoRrWGdZQey/4iD bgr4lqt7xjpIWdj3b91PWxhpH2eLra7S8kn+psmiUOVmEQFWyq8Ixm+MBaLAr6SI 7U35JW4Pq9YPsy9PZQDi/tl04/h0NIgRkgYaqgX3dOMmD0K5IqxYbwNA4zPMw+2H vpKJT8DX4jO1DAygE5a3DPntThN3Y30Sno33LPvfGWApXIHBK98qu1BjgIrTFQOd 6mOGxNAHnArJJ+G/jJnaNUvd92n6vDmCSX1R0gLjUirizPQjvYyW4A2w90oZZ40r pfuSrVMDOvyiQhLdpDJCe2DsC1fGLEMzGimv2CNu53oT2e+Qlrm8bXajrwrAQ0Zn rgCKshY1MKMCAwEAAaOCA8wwggPIMHgGCCsGAQUFBwEBBGwwajA5BggrBgEFBQcw AoYtaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdmV2c3NsZzMuY3J0 MC0GCCsGAQUFBzABhiFodHRwOi8vZXYub2NzcC5xdW92YWRpc2dsb2JhbC5jb20w HQYDVR0OBBYEFGO3QV9aIxp1Lorp+UV4zBHUl/IKMAwGA1UdEwEB/wQCMAAwHwYD VR0jBBgwFoAU5YRU0JBJnzi68snhKgjFTp+gSD8wWgYDVR0gBFMwUTBGBgwrBgEE Ab5YAAJkAQIwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5xdW92YWRpc2dsb2Jh bC5jb20vcmVwb3NpdG9yeTAHBgVngQwBATA8BgNVHR8ENTAzMDGgL6AthitodHRw Oi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdmV2c3NsZzMuY3JsMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwOAYDVR0RBDEw L4IUbWlycm9yLmFhcm5ldC5lZHUuYXWCF2Jpb21pcnJvci5hYXJuZXQuZWR1LmF1 MIIB+QYKKwYBBAHWeQIEAgSCAekEggHlAeMAdwCkuQmQtBhYFIe7E6LMZ3AKPDWY BPkb37jjd80OyA3cEAAAAWGxQjkhAAAEAwBIMEYCIQDhgcXQtoeLKvU0djcb+MDS +rw8vVvHam6A3NC9QtKinwIhANveKldG1N7GGtPNdze9qDtmbEjXNEcCSr8wnc70 GFD8AHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFhsUI47wAA BAMARzBFAiBPHN4ROEDua8mKym/ga1KRdAEG11VCPuflZuZL/imRUgIhAJfpeceN AlgrggmXDZn7z7DJjmlLI/dbSomJCdGEFcNuAHcAb1N2rDHwMRnYmQCkURX/dxUc EdkCwQApBo2yCJo32RMAAAFhsUI7mgAABAMASDBGAiEA/FFEOTSOhfccX+VxVY+8 Bb7mp9zRyzVNQD5I2zFyO/QCIQDctkO21V3OVxzLZ0B68RQhenET6m3WGNWcxm6d CcwpoQB3AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABYbFCPA4A AAQDAEgwRgIhAN5bXeutMBzMHDOoeBwZSMRbrELTvT4cBPpKqbhwk378AiEA1ig8 xW3187O0W4Be01ioryA66e2O3IiZaX3vAcrefGYwDQYJKoZIhvcNAQELBQADggIB AIZQVMusuOWz/gT3Af+ya9E1Vnwmufdf40qtsQOmUh25+Ue6viNYUMQWGgBgOgfY P9EmIFibAGhhotfc36D+C63JwNCR4SjY/ckL8xiLYFqGMHAME7nG9Ux34Fx7YcvU 1rh13r8sU67eHLaieEeRpWFp5Vgwf82ZvVZAOFJlZrW/w4Mvr3r++CzSJWVzdD6w TjDmTthx7qh5IAp1KVaENw6FuEv64PJNVqL12t1U3Gy+TjbHGUg/hSLWswPH+d98 GqtW8CJcdgq7exMhFTAXlTi4mSqg28y3eU2xaRwOQuNby+ZX6SnnA7cY2mqCildI v8urvkPLzaWTaVEkRTKetQ1upxHDSLiRN/vEuJE8w6G0+BEzDgErMmHeMFN/6CZ5 eZ+Tvy+/PFA6bSL4jYryPtEoN7NOLvG7OrhM3JAnx8Ylvm2DfZRyg5S71JbNz1gX ZMiytWXgCyaR16zJ19MeeIgOnaKJT3Qc4ozvmET/RkWt3VUhCzlXz7NhXxiXo7sy h1zm2ctFJkNh2cVZ5HzJy88CM3CFxXlblRh0zV5tOhBE5FT9BqC0nQqJv8YY9p0G 2AlcC44sDEYb6rCkgdiqWtYSnX2qeTjqdT74ksh2umGXCD2ROroSd/jswR7RuaOh cOZToQNOJjltFVbPMu2bIms/Mn1WqzjRaUfO42qwLuZf -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "mirror.aarnet.edu.au"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "mirror.aarnet.edu.au"
}
, {
"id" : "cert_subjectAltName",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "mirror.aarnet.edu.au biomirror.aarnet.edu.au"
}
, {
"id" : "cert_caIssuers",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "QuoVadis EV SSL ICA G3 (QuoVadis Limited from BM)"
}
, {
"id" : "cert_trust",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "yes"
}
, {
"id" : "cert_eTLS",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "353 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "2018-02-19 22:19"
}
, {
"id" : "cert_notAfter",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "2020-02-19 22:29"
}
, {
"id" : "certs_countServer",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "2"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "http://crl.quovadisglobal.com/qvevsslg3.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ev.ocsp.quovadisglobal.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/pub/CRAN/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache/2.4.6 (Red Hat Enterprise Linux)"
}
, {
"id" : "banner_application",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/pub/CRAN/'"
}
, {
"id" : "security_headers",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable, no heartbeat extension"
}
, {
"id" : "CCS",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "no session ticket extension"
}
, {
"id" : "ROBOT",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable, no RSA key transport cipher"
}
, {
"id" : "secure_renego",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no HTTP compression - only supplied '/pub/CRAN/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"finding" : "no protocol below TLS 1.2 offered"
}
, {
"id" : "SWEET32",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "not vulnerable"
}
, {
"id" : "FREAK",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=0471A50FC4D923A9214E902E285AC592B34CE260EE18DFA4B3A753A32D6A9437"
}
, {
"id" : "LOGJAM",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "no DH key with <= TLS 1.2"
}
, {
"id" : "BEAST",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "not vulnerable, no SSL3 or TLS1"
}
, {
"id" : "LUCKY13",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_x1302",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256 TLS_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_x1303",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 253 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256"
}
, {
"id" : "cipher_xc030",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc028",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xcca8",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "xcca8 ECDHE-RSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
}
, {
"id" : "cipher_x1301",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc02f",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc027",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.3 TLS_AES_256_GCM_SHA384"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "scanTime",
"ip" : "mirror.aarnet.edu.au/202.158.214.106",
"port" : "443",
"severity" : "INFO",
"finding" : "242"
}
]

1034
data/ssl/mirror.cedia.org.ec_p443-20190303-0835.json

File diff suppressed because it is too large

1004
data/ssl/mirror.epn.edu.ec_p443-20190303-0835.json

File diff suppressed because it is too large

1006
data/ssl/mirror.ibcp.fr_p443-20190303-0837.json

File diff suppressed because it is too large

1090
data/ssl/mirror.its.dal.ca_p443-20190303-0835.json

File diff suppressed because it is too large

993
data/ssl/mirror.its.sfu.ca_p443-20190303-0835.json

@ -0,0 +1,993 @@
[
{
"id" : "service",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "CRITICAL",
"finding" : "TLSv1.1 is not offered, and downgraded to a weaker protocol"
}
, {
"id" : "TLS1_2",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "TLS1_3",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "CRITICAL",
"cwe" : "CWE-327",
"finding" : "offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "HIGH",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "not offered"
}
, {
"id" : "PFS",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA"
}
, {
"id" : "DH_groups",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "mod_ssl 2.2.x/1024-bit MODP group with safe prime modulus"
}
, {
"id" : "cipher_order",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "HIGH",
"finding" : "NOT a cipher order configured"
}
, {
"id" : "protocol_negotiated",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "Default protocol TLS1.0"
}
, {
"id" : "cipher_negotiated",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "LOW",
"finding" : "DHE-RSA-AES256-SHA, 1024 bit DH (cbc) (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_TLSv1",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "DHE-RSA-AES256-SHA at TLSv1 (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "TLS_extensions",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "'renegotiation info/#65281'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "No lifetime advertised"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "off by 0 seconds from your localtime"
}
, {
"id" : "cert_numbers",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "4096 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "04B3B5AAEDA5303A2AD271D002B88C65"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "B4CEDED4E0F11DDF9FF45B40157F3A5F358436CE"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "23594FD62F6E8DBAAB629530A2AC611E66EEABCC920C9224D8FEB06A1FD76A7D"
}
, {
"id" : "cert",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIH+jCCBuKgAwIBAgIQBLO1qu2lMDoq0nHQAriMZTANBgkqhkiG9w0BAQsFADBw MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz dXJhbmNlIFNlcnZlciBDQTAeFw0xODAyMjcwMDAwMDBaFw0yMDAzMjQxMjAwMDBa MIGJMQswCQYDVQQGEwJDQTEZMBcGA1UECBMQQnJpdGlzaCBDb2x1bWJpYTEQMA4G A1UEBxMHQnVybmFieTEgMB4GA1UEChMXU2ltb24gRnJhc2VyIFVuaXZlcnNpdHkx FDASBgNVBAsTC0lUIFNlcnZpY2VzMRUwEwYDVQQDDAwqLml0cy5zZnUuY2EwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCm9tT4kc9pIPJJniWynQ/EHxSq mbbTn2X2rav6olI/QuY5YtuSJuKy+jnSzvg8lpWJQYCQMPnKr9CZ8TPLMLWugqks QKB72vWjSlPXTajPKiyALie/mjVQ13YjA/BRwSHd/oWSsRh5ql5umICNnXpdPp1L 3N/FDZUOxbfYREt6hzASIqZuo1E/bR4g4U+c5E1nujr+14Zv4fjNJb2baZ9iuKG5 qfeIC8HEqNfkFP88yxWFpzxPaSN70HvJNFLJMo93oQlYALkHO1x+0iMJqnqInouX VRObSF3pWoogDUOjklIYNNwp8WveiEjdhvq+wQXfJUUI6XfyWc5LqfpPgFhKnOy8 7ciUcqQQ7yBelLrHdawfNG7b0ftqgicIchfSHjDVZQvQBf47Q4SlpC1Tx834o97V VmBIRwnw8IToeqM8G62uHeHiVr1lkwBE763LZhBk7WNCrTpvvHx0MXQYVeZXwttq S5dVaLH4EEFRJxSfeafgj5OqkiGo6qAylUCanHkd6ifxe2ika2mk7OXkq9Ji269i oXGH0ilwTJftDeHeMpdNiR93W5EQ10dmgsfLb0wf2GxRFnp2Apns6UE1VzZH/tmk NkM1UskepPiY0V4fFYyVuLblzNv1CPlmFKaymD9j5w/LpCAVzBRMbSbKNcBWMwAx qLfe9Jxh3WhzDTWE0QIDAQABo4IDdDCCA3AwHwYDVR0jBBgwFoAUUWj/kK8CB3U8 zNllZGKiErhZcjswHQYDVR0OBBYEFPLYHRLSubfARW4fAdgnwj5/EazMMCMGA1Ud EQQcMBqCDCouaXRzLnNmdS5jYYIKaXRzLnNmdS5jYTAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCG Lmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1nNi5jcmww NKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNlcnZlci1n Ni5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0 cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwgYMGCCsGAQUFBwEB BHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsG AQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEy SGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYB BAHWeQIEAgSCAW8EggFrAWkAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80O yA3cEAAAAWHYjWoSAAAEAwBIMEYCIQCkZVMoLhfE1khxoqtPLvRTU2YMaLw5Dr7k VbfN3ODCZQIhAIAgovHsNf+vExQvdgjNYqTZj1XbJD8aGsEXXy7gqcoUAHYAh3W/ 51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFh2I1q4AAABAMARzBFAiEA 9H++Cm18cXFMzFfJ6hDeMXXpRTFt6N31yP948oxCWlsCIArmmRHv3Ec1mbnnFA6r D078YcrKTecMjSYS63nW4RjYAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZk No4e0YUAAAFh2I1q4wAABAMARzBFAiAIzKs8Q5X4IrDv8CTU9M/LF38f3VtKZfiJ X5HSNn82BAIhANhwAPkA0xJDaQYCFBmatOLSc4Ya5Z4Q56FvkfQlW/YpMA0GCSqG SIb3DQEBCwUAA4IBAQBm8143C+8BSJgRZXCqb+C4AGdzJPYffSHmxGsN2+DLwwuP Cg5ccy5ZScacR9ay58tPrTYJMi8QEbhltjZVzYu+ga+2BuwTgLFQZ437M43AOIXl mdxY2iGe6C28iAwZ34ikAAi07W3oFIXq2gSzBpDHMavIcNt3b2C1ro4UjVOly8vR fk/ULAFsWzC+pvw0V483uMoyrUqy43/8nIiImh9RHEgHRCbLGkyG0II2kKYlv9/Z U58KoyGWxrDkPvcwKF0CFwLNtYZXxAq8w+YIxGya9AL8VoPwZV98DAZcL29Dzdba TTEwEshTBKq8TcO+4yqoGRqOd8+hdVVamO3Iw9Or -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "*.its.sfu.ca"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "*.its.sfu.ca"
}
, {
"id" : "cert_subjectAltName",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "*.its.sfu.ca its.sfu.ca"
}
, {
"id" : "cert_caIssuers",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "DigiCert SHA2 High Assurance Server CA (DigiCert Inc from US)"
}
, {
"id" : "cert_trust",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN wildcard and CN wildcard (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "386 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "2018-02-26 19:00"
}
, {
"id" : "cert_notAfter",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "2020-03-24 08:00"
}
, {
"id" : "certs_countServer",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "2"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "http://crl3.digicert.com/sha2-ha-server-g6.crl http://crl4.digicert.com/sha2-ha-server-g6.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.digicert.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/mirror/CRAN/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "ipv4_in_header",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "MEDIUM",
"cwe" : "CWE-212",
"finding" : "Server: Apache/2.2.3 (Red Hat) DAV/2 mod_auth_kerb/5.1 mod_auth_pgsql/2.0.3 mod_nss/2.2.3 NSS/3.14.3.0 Basic ECC PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 SVN/1.6.11 mod_perl/2.0.4 Perl/v5.8.8 (check if it's your IP address or e.g. a cluster IP)"
}
, {
"id" : "HSTS",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache/2.2.3 (Red Hat) DAV/2 mod_auth_kerb/5.1 mod_auth_pgsql/2.0.3 mod_nss/2.2.3 NSS/3.14.3.0 Basic ECC PHP/5.1.6 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 SVN/1.6.11 mod_perl/2.0.4 Perl/v5.8.8"
}
, {
"id" : "banner_application",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/mirror/CRAN/'"
}
, {
"id" : "security_headers",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable, no heartbeat extension"
}
, {
"id" : "CCS",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "no session ticket extension"
}
, {
"id" : "ROBOT",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable"
}
, {
"id" : "secure_renego",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no HTTP compression - only supplied '/mirror/CRAN/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"finding" : "no protocol below TLS 1 offered"
}
, {
"id" : "SWEET32",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "uses 64 bit block ciphers"
}
, {
"id" : "FREAK",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=23594FD62F6E8DBAAB629530A2AC611E66EEABCC920C9224D8FEB06A1FD76A7D"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "mod_ssl 2.2.x/1024-bit MODP group with safe prime modulus"
}
, {
"id" : "LOGJAM",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "DHE-RSA-AES256-SHA AES256-SHA DHE-RSA-AES128-SHA AES128-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA EDH-RSA-DES-CBC-SHA DES-CBC-SHA"
}
, {
"id" : "BEAST",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- and no higher protocols as mitigation supported"
}
, {
"id" : "LUCKY13",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "VULNERABLE, Detected ciphers: RC4-SHA RC4-MD5"
}
, {
"id" : "cipher_x39",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x39 DHE-RSA-AES256-SHA DH 1024 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x35",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x33",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x33 DHE-RSA-AES128-SHA DH 1024 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x2f",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x05",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x05 RC4-SHA RSA RC4 128 TLS_RSA_WITH_RC4_128_SHA"
}
, {
"id" : "cipher_x04",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x04 RC4-MD5 RSA RC4 128 TLS_RSA_WITH_RC4_128_MD5"
}
, {
"id" : "cipher_x16",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x16 EDH-RSA-DES-CBC3-SHA DH 1024 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "cipher_x0a",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "cipher_x15",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x15 EDH-RSA-DES-CBC-SHA DH 1024 DES 56 TLS_DHE_RSA_WITH_DES_CBC_SHA"
}
, {
"id" : "cipher_x09",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "x09 DES-CBC-SHA RSA DES 56 TLS_RSA_WITH_DES_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 RC4-MD5"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 RC4-MD5"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "scanTime",
"ip" : "mirror.its.sfu.ca/142.58.101.156",
"port" : "443",
"severity" : "INFO",
"finding" : "191"
}
]

1069
data/ssl/mirror.las.iastate.edu_p443-20190303-0846.json

File diff suppressed because it is too large

957
data/ssl/mirror.lzu.edu.cn_p443-20190303-0835.json

@ -0,0 +1,957 @@
[
{
"id" : "service",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "offered with h2, http/1.1 (advertised)"
}
, {
"id" : "ALPN_HTTP2",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "h2"
}
, {
"id" : "ALPN",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "http/1.1"
}
, {
"id" : "cipherlist_NULL",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "HIGH",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "prime256v1 secp384r1 secp521r1"
}
, {
"id" : "cipher_order",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-DES-CBC3-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-DES-CBC3-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-DES-CBC3-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'heartbeat/#15' 'next protocol/#13172' 'application layer protocol negotiation/#16'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 86400 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "384 EC bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "03CF672F3C5CE5720C8C71882FC037EAC743"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "3D39DEB3A8E797DFD7F01B42482937F78630ED5B"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "A289DE9E48E12C7B11C25F6B2C1561CFC6DAB8564AC5BCB281BB50EBB97905DC"
}
, {
"id" : "cert",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIErDCCA5SgAwIBAgISA89nLzxc5XIMjHGIL8A36sdDMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMTAxNTExMDNaFw0x OTA1MTExNTExMDNaMBwxGjAYBgNVBAMTEW1pcnJvci5senUuZWR1LmNuMHYwEAYH KoZIzj0CAQYFK4EEACIDYgAEaiT1bSlqLJvhScUpnQFRWDdK7EZcZAaaro0vCpaw YoUNgQ3FsgprQZTQWct7VWnCaZ/kTyiaBscDUDlNzBqkebE2/G2yaCqMnkPWSCk4 TtZ8dabOAXRdXZ3KQ/0RpDuyo4ICZjCCAmIwDgYDVR0PAQH/BAQDAgeAMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBRS9ZTNvKGXegK6RbmxvBKf5nQTpTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMBwGA1UdEQQVMBOCEW1pcnJvci5senUu ZWR1LmNuMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgA AAFo2C0kSAAABAMARzBFAiApGBg0O1RPjVkYgwOJ7hTWq9aJTK+QGFZzmkbWm1gV CgIhAO0bVUre1hq9aS4d4clSxfEODYXTOezhmO+QqvbpsgdUAHYAdH7agzGtMxCR IZzOJU9CcMK//V5CIAjGNzV55hB7zFYAAAFo2C0mjQAABAMARzBFAiEApqmX+ggr W0l4NwSaktFnoRfA7DcFPxZWo+vfq2XPUMUCIAxsKdxcRxGOJ3o0A3lByHhLzgX0 ZZdZ5D9nnYLuIoisMA0GCSqGSIb3DQEBCwUAA4IBAQAHm56WDTQmVzc41g1y7P+e XSXKGLrpOUp9A5Bmhz15vpaFjUrl166iQ0bPzP0VJG0gxn0i86wO/HJY4+bCCvtB Qh5PtAt9r886k7rq2TSi9pjxApPYQIzVkUMRQhGrYwe9lhdJvhTicJSl8osmsVdx wB/sF7FCKd4laN2a3vmXwOpwpLX3i2xCh1GUupxhoymqKL/eZdwD6HaK/72cNDmy 9ZiagRyaOwiI2MNDGrVDUWbQJ8O40MGtqKRTVjSTEsVfHXnDDo/9wsop9JvUUxFL o4xCQfldS8cry4BgkqshQgT8ZEjE/7fTTFrJV0TuB5mtEQftrkP+0O8PqRU7v7PF -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "mirror.lzu.edu.cn"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "mirror.lzu.edu.cn"
}
, {
"id" : "cert_subjectAltName",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "mirror.lzu.edu.cn"
}
, {
"id" : "cert_caIssuers",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "Let's Encrypt Authority X3 (Let's Encrypt from US)"
}
, {
"id" : "cert_trust",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "69 >= 30 days"
}
, {
"id" : "cert_notBefore",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "2019-02-10 10:11"
}
, {
"id" : "cert_notAfter",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "2019-05-11 11:11"
}
, {
"id" : "certs_countServer",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "2"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "cert_ocspURL",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.int-x3.letsencrypt.org"
}
, {
"id" : "OCSP_stapling",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "cert_ocspRevoked",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "not revoked"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/CRAN/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "-529 (± 1.5) seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "nginx"
}
, {
"id" : "banner_application",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/CRAN/'"
}
, {
"id" : "security_headers",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable"
}
, {
"id" : "ROBOT",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable, no RSA key transport cipher"
}
, {
"id" : "secure_renego",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "likely not vulnerable (timed out)"
}
, {
"id" : "CRIME_TLS",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no HTTP compression - only supplied '/CRAN/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "uses 64 bit block ciphers"
}
, {
"id" : "FREAK",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "no RSA certificate, can't be used with SSLv2 elsewhere"
}
, {
"id" : "LOGJAM",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "no DH key with <= TLS 1.2"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-DES-CBC3-SHA"
}
, {
"id" : "BEAST",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc02c",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc024",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "xc024 ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc00a",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_xc02b",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc023",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_xc009",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_xc008",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "xc008 ECDHE-ECDSA-DES-CBC3-SHA ECDH 256 3DES 168 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-ECDSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256"
}
, {
"id" : "scanTime",
"ip" : "mirror.lzu.edu.cn/202.201.0.160",
"port" : "443",
"severity" : "INFO",
"finding" : "449"
}
]

1048
data/ssl/mirrors.dotsrc.org_p443-20190303-0835.json

File diff suppressed because it is too large

992
data/ssl/mirrors.eliteu.cn_p443-20190303-0835.json

@ -0,0 +1,992 @@
[
{
"id" : "service",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "http/1.1"
}
, {
"id" : "cipherlist_NULL",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-310",
"finding" : "not offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "sect283k1 sect283r1 sect409k1 sect409r1 sect571k1 sect571r1 secp256k1 prime256v1 secp384r1 secp521r1 brainpoolP256r1 brainpoolP384r1 brainpoolP512r1"
}
, {
"id" : "cipher_order",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA AES128-SHA CAMELLIA128-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA AES128-SHA CAMELLIA128-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES256-GCM-SHA384 AES256-SHA256 AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA CAMELLIA128-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'heartbeat/#15' 'application layer protocol negotiation/#16'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 300 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "2048 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "062EAA095325C48DEBCA686D706A2F8E"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "F47E1CF7B0701AF7E044BBE080425EE3CCB7FCB3"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "9ECD20D34B58129EE3C625893E37B782EF002FC9350B5B74F0242B2D2D5199B7"
}
, {
"id" : "cert",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIFrzCCBJegAwIBAgIQBi6qCVMlxI3rymhtcGovjjANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe Fw0xODA5MDYwMDAwMDBaFw0xOTEwMDYxMjAwMDBaMBYxFDASBgNVBAMMCyouZWxp dGV1LmNuMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUWxNR+YSH1B zyHADxgCr1C3Q1Uc1ReyMbinjgBFBOrmRxqSRkg4ogQmOP5Yy7eK2/lhNFNbyInD vJTdYzaVZ/FYP9hn/D0EErLiMGf0TZalyKySTllFcFjFMuHmGpWMLOWyGUzRr/X8 dUnecS25Jb1p+KkZs1wEYP2kdbkGbbuZy14ZofZUsmkYm0a5+6ZZMu9G1LJh1rgw OqI194IyRZxIfH2Yrh68Q0sMh+5cshtOBanCnJGj2yid1c9zd+VmkZdvGL4yA9RE Ul39vNuyC9Gpqw84wYW3pBP/pnI6jFysaZQs4N3ejoVubZx7qtfE/EOuLzPGc323 hZTWhwD47QIDAQABo4ICrzCCAqswHwYDVR0jBBgwFoAUU8oXWfxrwAMhLxqu5Kqo HIJW2nUwHQYDVR0OBBYEFCgm2QFwlr+6ogjyCldkr4R38zIkMCEGA1UdEQQaMBiC CyouZWxpdGV1LmNuggllbGl0ZXUuY24wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8v Y2RwLnJhcGlkc3NsLmNvbS9SYXBpZFNTTFJTQUNBMjAxOC5jcmwwTAYDVR0gBEUw QzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl cnQuY29tL0NQUzAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMCYGCCsGAQUFBzAB hhpodHRwOi8vc3RhdHVzLnJhcGlkc3NsLmNvbTA9BggrBgEFBQcwAoYxaHR0cDov L2NhY2VydHMucmFwaWRzc2wuY29tL1JhcGlkU1NMUlNBQ0EyMDE4LmNydDAJBgNV HRMEAjAAMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcApLkJkLQYWBSHuxOizGdw Cjw1mAT5G9+443fNDsgN3BAAAAFlrLlIPgAABAMASDBGAiEAgbzUnYwa5G3Uz+JY fa5UjLG36HsjZ1nu0uL/C43tOKYCIQCnjZlUAO5YKqYrqHkwha3EJfnUPgVaiD3b /8nZyrVkAwB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABZay5 SR4AAAQDAEcwRQIgKFxHK40Gr1KDdUTvQ63PhrsrXGywqJgTPFD+13bY6kkCIQCg 7bxoac00Urg0v9frAF6cULzuF0OBbhSmNbyIQw1FdjANBgkqhkiG9w0BAQsFAAOC AQEASF9LawY0jkfWwMy0dItq0VHfMWudE6TOeConN4hf20m8cHG24zfd47j5U7l0 CEtoHbyiCPMniUAhdHqoBDDNLRG89DzE2Uu5G9ew7LnHPEyjVzunl869ykExY8r4 vGupDFLZ14C91s7htk3+Qqg8QiKMSTA2lvwPmLMuD1Ir5hgC8gofrElN6YdiiGU1 HR+ZPya8Cjda4360mTZuZ+Y0n8ecB/9YBSv9ZKpsc1WXE5kVh8MkjsIIlbDq9VLK nk1QF80d+57MBpg8JmZG/c8zXz/oP2x0DkH6e2yMkS1TJNQf68YySpGnnmPEsNTo aymTVtf2nVPGRs5QfEzB5subRQ== -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "*.eliteu.cn"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "*.eliteu.cn"
}
, {
"id" : "cert_subjectAltName",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "*.eliteu.cn eliteu.cn"
}
, {
"id" : "cert_caIssuers",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "RapidSSL RSA CA 2018 (DigiCert Inc from US)"
}
, {
"id" : "cert_trust",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN wildcard and CN wildcard (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "216 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "2018-09-05 20:00"
}
, {
"id" : "cert_notAfter",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "2019-10-06 08:00"
}
, {
"id" : "certs_countServer",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "2"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "http://cdp.rapidssl.com/RapidSSLRSACA2018.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "http://status.rapidssl.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/CRAN/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache/2.4.18 (Ubuntu)"
}
, {
"id" : "banner_application",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/CRAN/'"
}
, {
"id" : "security_headers",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable"
}
, {
"id" : "ROBOT",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable"
}
, {
"id" : "secure_renego",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "potentially VULNERABLE, uses gzip HTTP compression - only supplied '/CRAN/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "not vulnerable"
}
, {
"id" : "FREAK",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=9ECD20D34B58129EE3C625893E37B782EF002FC9350B5B74F0242B2D2D5199B7"
}
, {
"id" : "LOGJAM",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "no DH key with <= TLS 1.2"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-RSA-AES256-SHA AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA AES128-SHA CAMELLIA128-SHA"
}
, {
"id" : "BEAST",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc030",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc028",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc014",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x9d",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_x3d",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256"
}
, {
"id" : "cipher_x35",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x84",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "x84 CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
}
, {
"id" : "cipher_xc02f",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc027",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_xc013",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x9c",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_x3c",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_x2f",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x41",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "x41 CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "scanTime",
"ip" : "mirrors.eliteu.cn/119.29.56.102",
"port" : "443",
"severity" : "INFO",
"finding" : "369"
}
]

950
data/ssl/mirrors.nic.cz_p443-20190303-0835.json

@ -0,0 +1,950 @@
[
{
"id" : "service",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "offered with http/1.1 (advertised)"
}
, {
"id" : "ALPN",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-310",
"finding" : "not offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "prime256v1"
}
, {
"id" : "DH_groups",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "Unknown DH group (4096 bits)"
}
, {
"id" : "cipher_order",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'heartbeat/#15' 'next protocol/#13172'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 300 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "4096 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "030ADFDA4470F7C8D1923CCB4E9E4D126A2B"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "B1ABE8E09080C6571B2BB99387C7267952B5F36D"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "3FC3CC13B3FBABAFC5DD186F15BBCBF5133DB9559275B0E027A8DBE54AB13F40"
}
, {
"id" : "cert",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIGZjCCBU6gAwIBAgISAwrf2kRw98jRkjzLTp5NEmorMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMTAwNDI5MDZaFw0x OTA1MTEwNDI5MDZaMBkxFzAVBgNVBAMTDm1pcnJvcnMubmljLmN6MIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsC1cEpVGMcWT7GLKNm6LEqLREYXhalJK 3jQFrPDOBeaub1JKZY/IAA+s1cBB5SCA3I+DJoQIeW2+yeIAXqWfsaFt4s4xnEYq JK/IJSVc3XWwhfY/m7KiJMqZ2pEngA3Tj8PSML4n4AKEp/5Mn6TKX6l/ekN/UQjc J0KsDlQN9TdThmZqc3bly4UfObf3Jz7tS1R5E2glfmMlJ1ZuryTWhbv6BBuoxOxy zc0c7SgcEPDGNpD4WD2w5E8QB3A17t2LrZHnsV//roqVrlVUsPVZ/1SQzRht4myX UWj2bAlZq0oyoY2eCLOS97h+0DVy82HOkRt/QdTME9LxbMcRHH555ZN1C/RQGxJe TuoGjh8EMLqOqHSKGuKA8fDFWlet+GgPQcMxmXp+FzSVAg2kMSJhqmWfSGKCKstX SPIeuNd0UA02aZn5TjR/ZeCWUrWlBWYjyFV5fJViv5Ws8AulpekKWNKFaREEiYjz Ty10OclNWEL11eAdq8DV3mj7tVWuFq3TqJvvgpE5KtG/0S5ds8ZjDSl0NTELdZoE R2uzWMWvOkDcFA6iu0UTy4aQadpkKLBULBaP1Pw4a8FzUknRck9ZmYSOtg65LrB4 lobz3eE/F44n0+MO+104w8t4Zr2Rqasgf4GyETEwcsE2HPTKLaOaDesqo5cOEmL6 yQbPdtKVwD0CAwEAAaOCAnUwggJxMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUcS49 W0vLeBIjvgCgA0wSAjYFAdEwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAtBgNVHREEJjAkghJtaXJyb3Itci0wMS5uaWMu Y3qCDm1pcnJvcnMubmljLmN6MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQB gt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3Jn MIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUAdH7agzGtMxCRIZzOJU9CcMK//V5C IAjGNzV55hB7zFYAAAFo1eFr7AAABAMARjBEAiBYGfZAWprmh4xWbeDpYuQCuK/y VWG3CjMl/nq2/PSZwgIgTjrN86EhKH4cs4JGyPPSIqNb/M788qD4zFAzXRrRm3EA dQBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWjV4WpjAAAEAwBG MEQCIEpbkPclfWOezZwxH0KS/mpso1mBcDtb7L2eydP1BGODAiB+MsmDNiFRNx4h F6oiDdrZv0lCLEGPkWVUhouoYeS+/jANBgkqhkiG9w0BAQsFAAOCAQEAU8YM53IW zA611Zn+kg0EN/0LpQlR38+fUYv2EIjC7csxs+1Nw11vsy4wSJaJOX+hjVJBqjL2 /sRQjc7QH2+NlVHE3/pZTY2FK0TIeutkFw9SolPGN+uUwruWVjNMyhzCJFgW6yPO wrqyYIOnr5OJTs0KVdN2vA+yqUbU4H8VqsEAEdZuEwNkg9nyy9Xgleyi5MOLbMCo W6bJHuYWgMVh8ZxdpTJxr5CW6RmeXss2rcYr+g+mDLWm5TgNNUk5wAaPMeLQcBYA +MwM6wqFB6WIQoGu9XSmbriM9Cq4ReK7P2iaw7JS32kXD8cnwh3QlNvnMm4IWeEJ uXSoImWwnpdFig== -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "mirrors.nic.cz"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "mirrors.nic.cz"
}
, {
"id" : "cert_subjectAltName",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "mirror-r-01.nic.cz mirrors.nic.cz"
}
, {
"id" : "cert_caIssuers",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "Let's Encrypt Authority X3 (Let's Encrypt from US)"
}
, {
"id" : "cert_trust",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "68 >= 30 days"
}
, {
"id" : "cert_notBefore",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "2019-02-09 23:29"
}
, {
"id" : "cert_notAfter",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "2019-05-11 00:29"
}
, {
"id" : "certs_countServer",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "2"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "cert_ocspURL",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.int-x3.letsencrypt.org"
}
, {
"id" : "OCSP_stapling",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "cert_ocspRevoked",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "not revoked"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/R/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "nginx/1.9.4"
}
, {
"id" : "banner_application",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/R/'"
}
, {
"id" : "security_headers",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable"
}
, {
"id" : "ROBOT",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable, no RSA key transport cipher"
}
, {
"id" : "secure_renego",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "potentially VULNERABLE, uses gzip HTTP compression - only supplied '/R/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "not vulnerable"
}
, {
"id" : "FREAK",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=3FC3CC13B3FBABAFC5DD186F15BBCBF5133DB9559275B0E027A8DBE54AB13F40"
}
, {
"id" : "LOGJAM",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "--"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA"
}
, {
"id" : "BEAST",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc02f",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc027",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_xc013",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x9e",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "x9e DHE-RSA-AES128-GCM-SHA256 DH 4096 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_x67",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "x67 DHE-RSA-AES128-SHA256 DH 4096 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_x33",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "x33 DHE-RSA-AES128-SHA DH 4096 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "scanTime",
"ip" : "mirrors.nic.cz/217.31.202.63",
"port" : "443",
"severity" : "INFO",
"finding" : "358"
}
]

1033
data/ssl/mirrors.shu.edu.cn_p443-20190303-0835.json

File diff suppressed because it is too large

1897
data/ssl/mirrors.tongji.edu.cn_p443-20190303-0835.json

File diff suppressed because it is too large

1097
data/ssl/mirrors.tuna.tsinghua.edu.cn_p443-20190303-0835.json

File diff suppressed because it is too large

2311
data/ssl/mirrors.ustc.edu.cn_p443-20190303-0835.json

File diff suppressed because it is too large

1055
data/ssl/muug.ca_p443-20190303-0835.json

File diff suppressed because it is too large

1076
data/ssl/pbil.univ-lyon1.fr_p443-20190303-0835.json

File diff suppressed because it is too large

1134
data/ssl/repo.bppt.go.id_p443-20190303-0839.json

File diff suppressed because it is too large

1055
data/ssl/rweb.crmda.ku.edu_p443-20190303-0846.json

File diff suppressed because it is too large

1076
data/ssl/stat.ethz.ch_p443-20190303-0844.json

File diff suppressed because it is too large

1160
data/ssl/vps.fmvz.usp.br_p443-20190303-0821.json

File diff suppressed because it is too large

971
data/ssl/wbc.upm.edu.my_p443-20190303-0841.json

@ -0,0 +1,971 @@
[
{
"id" : "service",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "CRITICAL",
"finding" : "TLSv1.1 is not offered, and downgraded to a weaker protocol"
}
, {
"id" : "TLS1_2",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "TLS1_3",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "CRITICAL",
"cwe" : "CWE-327",
"finding" : "offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "HIGH",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "not offered"
}
, {
"id" : "PFS",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA"
}
, {
"id" : "DH_groups",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "mod_ssl 2.2.x/1024-bit MODP group with safe prime modulus"
}
, {
"id" : "cipher_order",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "HIGH",
"finding" : "NOT a cipher order configured"
}
, {
"id" : "protocol_negotiated",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "Default protocol TLS1.0"
}
, {
"id" : "cipher_negotiated",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "LOW",
"finding" : "DHE-RSA-AES256-SHA, 1024 bit DH (cbc) (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_TLSv1",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "DHE-RSA-AES256-SHA at TLSv1 (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "cipher_order_",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "at (limited sense as client will pick)"
}
, {
"id" : "TLS_extensions",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "'server name/#0' 'renegotiation info/#65281' 'session ticket/#35'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "No lifetime advertised"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "off by +7544 seconds from your localtime"
}
, {
"id" : "cert_numbers",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "2048 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "E1B32FAB75A7B651B2951A0F0C0DF979"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "2E7A0D306C752B866F72AD01032A508930D51DA6"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "87E657AFAF8FE0532E57BFF8F5A1EE686BCC0C63E77489C36F59E6466E659190"
}
, {
"id" : "cert",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgIRAOGzL6t1p7ZRspUaDwwN+XkwDQYJKoZIhvcNAQELBQAw gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg Q0EwHhcNMTYwMzI3MDAwMDAwWhcNMTkwMzI3MjM1OTU5WjBSMSEwHwYDVQQLExhE b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBAsTC1Bvc2l0aXZlU1NMMRcw FQYDVQQDEw53YmMudXBtLmVkdS5teTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAKnGyg/Le/f39QlbK3xD0d+2K0t0XJkopOXjNWG1AdeyvIXwTrnUP/fT WQLn3qFma38MpqoHXLzjqJIOq3UZkRn0oTh7h9lowo7ya+4YsTRs6sQbyJNG1IYY oztD1gVrYa6gTb7WG6uAAWtwdxhTZXLywGLKHUvW6A2ocgQRTpTVHiDjEIwueJcp Z1teFbAzo+Jcza5s200GosAqrAkpGFF+i0Cv9ETFtI5u13FIjiWxB9kPNf8yuQZ4 RfN5oARNAmahcJIZsCgoL8feTXiYVgxM3OQismo28cIzobRlw3vxgFFpn7bUc/iJ ab4AspGJr1sI0OHlDjWyPjy3iPlvOBUCAwEAAaOCAd8wggHbMB8GA1UdIwQYMBaA FJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQWBBR9snS/z/2Yq4bdO1/c0x72 zZHOpjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEEAbIxAQICBzArMCkG CCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZngQwB AgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09N T0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhQYIKwYB BQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9D T01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsG AQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wLQYDVR0RBCYwJIIOd2Jj LnVwbS5lZHUubXmCEnd3dy53YmMudXBtLmVkdS5teTANBgkqhkiG9w0BAQsFAAOC AQEAbxVA/VeRIjggz0VaxBw4uF6CAIk99EZmqNtQZUsIgxghcCK9rqKc/jMoRSKP 95kQwR+ustrnybBkwXI6jQEmnpXjOoiB5RFwnzDaVLe5/ef4N5Z3WBLgrcXVhUfY M+EHSnGD4gqssCSGwrjnlD4QqjzU/xSU2YBP2mBVO3bi4+zEymPzJEQ7JUdGIumQ 8v+NcfeZY+w03SVXmW4tiBmm22QtjWbi1pNqx2Jt/u4sMR8CaoWOpUkcg8PZWqX/ lQTyH6pioQ5b+80I11+2TA427h3iz0pLZKbEoRikj2Uwzz/SQ/M6vmepKp8Pvqd0 2xKeBPkbGzwDyd4G9bO0hAH2TA== -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"finding" : "wbc.upm.edu.my"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "ngkengyap.com"
}
, {
"id" : "cert_subjectAltName",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "wbc.upm.edu.my www.wbc.upm.edu.my"
}
, {
"id" : "cert_caIssuers",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "COMODO RSA Domain Validation Secure Server CA (COMODO CA Limited from GB)"
}
, {
"id" : "cert_trust",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN and CN (SNI mandatory)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "HIGH",
"finding" : "expires < 30 days (24)"
}
, {
"id" : "cert_notBefore",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "2016-03-26 20:00"
}
, {
"id" : "cert_notAfter",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "HIGH",
"finding" : "2019-03-27 19:59"
}
, {
"id" : "certs_countServer",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "4"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.comodoca.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "HTTP_status_code",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/cran/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "+7546 seconds from localtime"
}
, {
"id" : "HSTS",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "HPKP",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache/2.2.16 (Debian)"
}
, {
"id" : "banner_application",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/cran/'"
}
, {
"id" : "security_headers",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable, no heartbeat extension"
}
, {
"id" : "CCS",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "CRITICAL",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "VULNERABLE"
}
, {
"id" : "ticketbleed",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable, returned potential memory fragments do not differ"
}
, {
"id" : "ROBOT",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable"
}
, {
"id" : "secure_renego",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "potentially VULNERABLE, uses gzip HTTP compression - only supplied '/cran/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"finding" : "no protocol below TLS 1 offered"
}
, {
"id" : "SWEET32",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "uses 64 bit block ciphers"
}
, {
"id" : "FREAK",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=87E657AFAF8FE0532E57BFF8F5A1EE686BCC0C63E77489C36F59E6466E659190"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "mod_ssl 2.2.x/1024-bit MODP group with safe prime modulus"
}
, {
"id" : "LOGJAM",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "DHE-RSA-AES256-SHA AES256-SHA DHE-RSA-AES128-SHA AES128-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA"
}
, {
"id" : "BEAST",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- and no higher protocols as mitigation supported"
}
, {
"id" : "LUCKY13",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "HIGH",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "VULNERABLE, Detected ciphers: RC4-SHA RC4-MD5"
}
, {
"id" : "cipher_x39",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "x39 DHE-RSA-AES256-SHA DH 1024 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x35",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x33",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "x33 DHE-RSA-AES128-SHA DH 1024 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x2f",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x05",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "x05 RC4-SHA RSA RC4 128 TLS_RSA_WITH_RC4_128_SHA"
}
, {
"id" : "cipher_x04",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "x04 RC4-MD5 RSA RC4 128 TLS_RSA_WITH_RC4_128_MD5"
}
, {
"id" : "cipher_x16",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "x16 EDH-RSA-DES-CBC3-SHA DH 1024 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "cipher_x0a",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 RC4-MD5"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 RC4-MD5"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 AES256-SHA"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 DHE-RSA-AES256-SHA"
}
, {
"id" : "scanTime",
"ip" : "wbc.upm.edu.my/119.40.117.175",
"port" : "443",
"severity" : "INFO",
"finding" : "266"
}
]

1062
data/ssl/www.freestatistics.org_p443-20190303-0807.json

File diff suppressed because it is too large

1110
data/ssl/www.icesi.edu.co_p443-20190303-0835.json

File diff suppressed because it is too large

1076
data/ssl/www.stats.bris.ac.uk_p443-20190303-0845.json

File diff suppressed because it is too large

396
orly.R

@ -1,3 +1,21 @@
#' ---
#' title: "CRAN HTTPS Mirrors"
#' author: ""
#' date: ""
#' output:
#' html_document:
#' df_print: kable
#' keep_md: true
#' theme: simplex
#' highlight: monochrome
#' ---
#+ init, include=FALSE
knitr::opts_chunk$set(
message = FALSE, warning = FALSE, dev = "png",
fig.retina = 2, fig.width = 10, fig.height = 6
)
#+ libs
library(xml2)
library(httr)
library(curl)
@ -6,67 +24,81 @@ library(urltools)
library(ipinfo)
library(openssl)
library(furrr)
library(vershist)
library(vershist) # install.packages("vershist", repos = "https://cinc.rud.is/")
library(ggalt)
library(ggbeeswarm)
library(hrbrthemes)
library(tidyverse)
mdoc <- xml2::read_xml("~/data/mirrors.html", as_html = TRUE)
#' ## Collect CRAN mirrors' metadata
xml_find_all(mdoc, ".//td/a[contains(@href, 'https')]") %>%
xml_attr("href") %>%
unique() -> ssl_mirrors
if (!file.exists(here::here("data/mir-dat.rds"))) {
mdoc <- xml2::read_xml("~/data/mirrors.html", as_html = TRUE)
ssl_mirrors
xml_find_all(mdoc, ".//td/a[contains(@href, 'https')]") %>%
xml_attr("href") %>%
unique() -> ssl_mirrors
plan(multiprocess)
plan(multiprocess)
dl_cert <- possibly(openssl::download_ssl_cert, NULL)
HEAD_ <- possibly(httr::HEAD, NULL)
dig <- possibly(curl::nslookup, NULL)
query_ip_ <- possibly(ipinfo::query_ip, NULL)
dl_cert <- possibly(openssl::download_ssl_cert, NULL)
HEAD_ <- possibly(httr::HEAD, NULL)
dig <- possibly(curl::nslookup, NULL)
query_ip_ <- possibly(ipinfo::query_ip, NULL)
ssl_mirrors %>%
future_map(~{
host <- domain(.x)
ip <- dig(host, TRUE)
ip_info <- if (length(ip)) query_ip_(ip) else NULL
list(
host = host,
cert = dl_cert(host),
head = HEAD_(.x),
ip = ip,
ip_info = ip_info
)
}) -> mir_dat
ssl_mirrors %>%
future_map(~{
host <- domain(.x)
ip <- dig(host, TRUE)
ip_info <- if (length(ip)) query_ip_(ip) else NULL
list(
host = host,
cert = dl_cert(host),
head = HEAD_(.x),
ip = ip,
ip_info = ip_info
)
}) -> mir_dat
saveRDS(mir_dat, "~/data/mir-dat.rds")
saveRDS(mir_dat, here::here("data/mir-dat.rds"))
} else {
mir_dat <- readRDS(here::here("data/mir-dat.rds"))
}
str(mir_dat, 3)
str(mir_dat[1], 3)
maps::map("world", ".", exact = FALSE, plot = FALSE, fill = TRUE) %>%
fortify() %>%
#' Gratuitous map of CRAN mirror locations
maps::map("world", ".", exact = FALSE, plot = FALSE, fill = TRUE) %>%
fortify() %>%
filter(region != "Antarctica") -> world
map_chr(mir_dat, ~.x$ip_info$loc) %>%
stri_split_fixed(pattern = ",", n = 2, simplify = TRUE) %>%
as_tibble() %>%
map_chr(mir_dat, ~.x$ip_info$loc) %>%
stri_split_fixed(pattern = ",", n = 2, simplify = TRUE) %>%
as.data.frame(stringsAsFactors = FALSE) %>%
as_tibble() %>%
mutate_all(list(as.numeric)) -> wheres_cran
#+ cran-map, fig.width=10, fig.height=6
ggplot() +
ggalt::geom_cartogram(
data = world, map = world, aes(long, lat, map_id=region),
data = world, map = world, aes(long, lat, map_id=region),
color = ft_cols$gray, size = 0.125
) +
geom_point(data = wheres_cran, aes(V2, V1), color = "white") +
geom_point(
data = wheres_cran, aes(V2, V1), size = 2,
color = ft_cols$slate, fill = alpha(ft_cols$yellow, 3/4), shape = 21
) +
ggalt::coord_proj("+proj=wintri") +
labs(
x = NULL, y = NULL
x = NULL, y = NULL,
title = "Geolocation of HTTPS-'enabled' CRAN Mirrors"
) +
theme_ft_rc(grid="") +
theme(axis.text = element_blank())
#' ## Look at certificate info
map_df(mir_dat, ~{
tibble(
host = .x$host,
@ -79,70 +111,165 @@ map_df(mir_dat, ~{
)
}) -> certs
count(certs, names, sort=TRUE)
#' ### How many either blocked the connection or don't exist
distinct(certs, host, algo, key_size) %>%
count(algo, key_size, sort=TRUE)
certs[!complete.cases(certs),]
certs <- filter(certs, complete.cases(certs))
distinct(certs, host, i_issuer) %>%
count(i_issuer, sort = TRUE) %>%
print(n = 28)
#' ### How many domains do these certs serve?
count(certs, host, sort=TRUE) %>%
#+ alt-names-ct, fig.width=8, fig.height=6
count(certs, host, sort=TRUE) %>%
ggplot() +
geom_quasirandom(aes("", n))
geom_quasirandom(
aes("", n), size = 2,
color = ft_cols$slate, fill = alpha(ft_cols$yellow, 3/4), shape = 21
) +
scale_y_comma() +
labs(
x = NULL, y = "# Servers",
title = "Distribution of the number of alt-names in CRAN mirror certificates"
) +
theme_ft_rc(grid="Y")
#' Take a look at some of them
filter(certs, host == "cran.cnr.berkeley.edu") %>%
select(names) %>%
head(20)
filter(certs, host == "cran.rapporter.net") %>%
select(names) %>%
head(20)
filter(certs, host == "cran-r.c3sl.ufpr.br") %>%
select(names) %>%
head(20)
filter(certs, host == "fourdots.com") %>%
select(names) %>%
head(20)
#' ### Certificate algo/key
distinct(certs, host, algo, key_size) %>%
count(algo, key_size, sort=TRUE)
#' ### Certificate issuers
distinct(certs, host, i_issuer) %>%
count(i_issuer, sort = TRUE) %>%
head(28)
#' ## Interactive SSL tests
#'
#' Using [`testssl.sh`](https://github.com/drwetter/testssl.sh).
list.files(here::here("data/ssl"), "json$", full.names = TRUE) %>%
map_df(jsonlite::fromJSON) %>%
as_tibble() -> ssl_tests
sev <- c("OK", "LOW", "MEDIUM", "HIGH", "WARN", "CRITICAL")
#+ testssl, fig.width=8, fig.height=12
filter(ssl_tests, severity %in% sev) %>%
group_by(ip) %>%
count(severity) %>%
ungroup() %>%
complete(ip = unique(ip), severity = sev) %>%
mutate(severity = factor(severity, levels = sev)) %>%
arrange(ip) %>%
mutate(ip = factor(ip, levels = rev(unique(ip)))) %>%
ggplot(aes(severity, ip, fill=n)) +
geom_tile(color = "#b2b2b2", size = 0.125) +
scale_x_discrete(name = NULL, expand = c(0,0.1), position = "top") +
scale_y_discrete(name = NULL, expand = c(0,0)) +
viridis::scale_fill_viridis(
name = "# Tests", option = "cividis", na.value = ft_cols$gray
) +
labs(
title = "CRAN Mirror SSL Test Summary Findings by Severity"
) +
theme_ft_rc(grid="") +
theme(axis.text.y = element_text(size = 8, family = "mono")) -> gg
# We're going to move the title vs have too wide of a plot
filter(certs, host == "cran.cnr.berkeley.edu") %>%
select(names)
gb <- ggplot2::ggplotGrob(gg)
gb$layout$l[gb$layout$name %in% "title"] <- 2
grid::grid.newpage()
grid::grid.draw(gb)
#' ## Web server headers
map_df(mir_dat, ~{
filter(certs, host == "cran.rapporter.net") %>%
select(names)
if (length(.x$head$headers) == 0) return(NULL)
filter(certs, host == "cran-r.c3sl.ufpr.br") %>%
select(names)
host <- .x$host
filter(certs, host == "fourdots.com") %>%
select(names)
flatten_df(.x$head$headers) %>%
gather(name, value) %>%
mutate(host = host)
map(mir_dat, ~.x$head$headers) %>%
compact() %>%
map_df(~{
flatten_df(.x) %>%
gather(name, value)
}, .id = "site_num") -> hdrs
}) -> hdrs
count(hdrs, name, sort=TRUE) %>%
print(n=31)
count(hdrs, name, sort=TRUE) %>%
head(nrow(.))
filter(hdrs, name == "server") %>%
separate(value, c("kind", "version"), sep="/", fill="right", extra="merge") -> svr
#' ### 'Security' Headers
c(
"content-security-policy", "x-frame-options", "x-xss-protection",
"x-content-type-options", "strict-transport-security", "referrer-policy"
) -> secure_headers
count(hdrs, name, sort=TRUE) %>%
filter(name %in% secure_headers)
filter(hdrs, name %in% secure_headers) %>%
count(host, sort = TRUE)
filter(hdrs, host == "cran.csiro.au", name %in% secure_headers)
#' ### 'Server' Types
filter(hdrs, name == "server") %>%
separate(
value, c("kind", "version"), sep="/", fill="right", extra="merge"
) -> svr
count(svr, kind, sort=TRUE)
apache_httpd_version_history() %>%
arrange(rls_date) %>%
#' #### apache
apache_httpd_version_history() %>%
arrange(rls_date) %>%
mutate(
vers = factor(as.character(vers), levels = as.character(vers))
) -> apa_all
filter(svr, kind == "Apache") %>%
filter(!is.na(version)) %>%
mutate(version = stri_replace_all_regex(version, " .*$", "")) %>%
count(version) %>%
separate(version, c("maj", "min", "pat"), sep="\\.", convert = TRUE, fill = "right") %>%
mutate(pat = ifelse(is.na(pat), 1, pat)) %>%
mutate(v = sprintf("%s.%s.%s", maj, min, pat)) %>%
mutate(v = factor(v, levels = apa_all$vers)) %>%
filter(svr, kind == "Apache") %>%
filter(!is.na(version)) %>%
mutate(version = stri_replace_all_regex(version, " .*$", "")) %>%
count(version) %>%
separate(version, c("maj", "min", "pat"), sep="\\.", convert = TRUE, fill = "right") %>%
mutate(pat = ifelse(is.na(pat), 1, pat)) %>%
mutate(v = sprintf("%s.%s.%s", maj, min, pat)) %>%
mutate(v = factor(v, levels = apa_all$vers)) %>%
arrange(v) -> apa_vers
filter(apa_all, vers %in% apa_vers$v) %>%
arrange(rls_date) %>%
group_by(rls_year) %>%
slice(1) %>%
ungroup() %>%
filter(apa_all, vers %in% apa_vers$v) %>%
arrange(rls_date) %>%
group_by(rls_year) %>%
slice(1) %>%
ungroup() %>%
arrange(rls_date) -> apa_yrs
ggplot() +
#+ apache-history, fig.width=12.5, fig.height=5
ggplot() +
geom_blank(
data = apa_vers, aes(v, n)
) +
@ -151,50 +278,125 @@ ggplot() +
linetype = "dotted", size = 0.25, color = "white"
) +
geom_segment(
data = apa_vers, aes(v, n, xend=v, yend=0),
data = apa_vers, aes(v, n, xend=v, yend=0),
color = ft_cols$gray, size = 8
) +
) +
geom_label(
data = apa_yrs, aes(vers, Inf, label = rls_year),
family = font_rc, color = "white", fill = "#262a31", size = 4,
vjust = 1, hjust = 0, nudge_x = 0.01, label.size = 0
) +
scale_y_comma(limits = c(0, 15)) +
labs(
x = "Apache Version #", y = "# Servers",
title = "CRAN Mirrors Apache Version History"
) +
theme_ft_rc(grid="Y") +
theme(axis.text.x = element_text(family = "mono", size = 8, color = "white"))
#' #### nginx
nginx_version_history() %>%
arrange(rls_date) %>%
mutate(
vers = factor(as.character(vers), levels = as.character(vers))
) -> ngx_all
filter(svr, kind == "nginx") %>%
filter(!is.na(version)) %>%
mutate(version = stri_replace_all_regex(version, " .*$", "")) %>%
count(version) %>%
separate(version, c("maj", "min", "pat"), sep="\\.", convert = TRUE, fill = "right") %>%
mutate(v = sprintf("%s.%s.%s", maj, min, pat)) %>%
mutate(v = factor(v, levels = ngx_all$vers)) %>%
arrange(v) -> ngx_vers
filter(ngx_all, vers %in% ngx_vers$v) %>%
arrange(rls_date) %>%
group_by(rls_year) %>%
slice(1) %>%
ungroup() %>%
arrange(rls_date) -> ngx_yrs
#+ nginx-history, fig.width=8, fig.height=5
ggplot() +
geom_blank(
data = ngx_vers, aes(v, n)
) +
geom_segment(
data = ngx_yrs, aes(vers, 0, xend=vers, yend=Inf),
linetype = "dotted", size = 0.25, color = "white"
) +
geom_segment(
data = ngx_vers, aes(v, n, xend=v, yend=0),
color = ft_cols$gray, size = 8
) +
geom_label(
data = apa_yrs, aes(vers, Inf, label = rls_year),
data = ngx_yrs, aes(vers, Inf, label = rls_year),
family = font_rc, color = "white", fill = "#262a31", size = 4,
vjust = 1, hjust = 0, nudge_x = 0.01, label.size = 0
) +
scale_y_comma(limits = c(0, 15)) +
labs(
x = "Apache Version #", y = "# Servers"
x = "nginx Version #", y = "# Servers",
title = "CRAN Mirrors nginx Version History"
) +
theme_ft_rc(grid="Y") +
theme(axis.text.x = element_text(family = "mono", color = "white"))
cran_mirror_other_things <- readRDS("~/data/cran-mirror-other-things.rds")
#' ### What else do CRAN mirrors run?
distinct(cran_mirror_other_things, ip, port) %>%
count(ip, sort = TRUE)
cran_mirror_other_things <- readRDS(here::here("data/cran-mirror-other-things.rds"))
distinct(cran_mirror_other_things, ip, port) %>%
#' #### A look by port
distinct(cran_mirror_other_things, ip, port) %>%
count(ip, sort = TRUE) %>%
head(20)
#+ other-stuff, fig.width=6, fig.height=4
distinct(cran_mirror_other_things, ip, port) %>%
filter(!(port %in% c(21, 80, 443))) %>%
count(ip) %>%
count(n) %>%
mutate(n = factor(n)) %>%
ggplot() +
geom_segment(
aes(n, nn, xend = n, yend = 0), size = 10, color = ft_cols$gray
) +
scale_y_comma() +
labs(
x = "Total number of running services", y = "# hosts",
title = "How many other services do CRAN mirrors run?",
subtitle = "NOTE: Not counting 80/443/21"
) +
theme_ft_rc(grid="Y")
#' Take a look at a few of them
distinct(cran_mirror_other_things, ip, port) %>%
count(port, sort=TRUE)
distinct(cran_mirror_other_things, ip, port) %>%
distinct(cran_mirror_other_things, ip, port) %>%
filter(ip == "104.25.94.23")
distinct(cran_mirror_other_things, ip, port) %>%
distinct(cran_mirror_other_things, ip, port) %>%
filter(ip == "143.107.10.17")
distinct(cran_mirror_other_things, ip, port) %>%
distinct(cran_mirror_other_things, ip, port) %>%
filter(ip == "137.208.57.37")
cran_recog <- readRDS("~/data/cran-recog.rds")
count(cran_recog, ip, sort=TRUE)
distinct(cran_recog, ip, cpe) %>%
filter(ip == "192.75.96.254")
distinct(cran_recog, ip, cpe) %>%
count(ip, sort=TRUE)
#' #### What kinds of services were detected?
cran_dns <- readRDS("~/data/cran-dns.rds")
cran_recog <- readRDS(here::here("data/cran-recog.rds"))
distinct(cran_recog, ip, cpe) %>%
count(cpe, sort = TRUE) %>%
head(50)
#' ### What other DNS entries use CRAN IPs?
cran_dns <- readRDS(here::here("data/cran-dns.rds"))
filter(cran_dns, !grepl("CLOUDFLARENET|AMAZON", as_name)) %>%
count(value, as_name, sort = TRUE)

2531
orly.html

File diff suppressed because one or more lines are too long

1024
orly.md

File diff suppressed because it is too large

BIN
orly_files/figure-html/alt-names-ct-1.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 90 KiB

BIN
orly_files/figure-html/apache-history-1.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 111 KiB

BIN
orly_files/figure-html/cran-map-1.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 388 KiB

BIN
orly_files/figure-html/nginx-history-1.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 72 KiB

BIN
orly_files/figure-html/other-stuff-1.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 53 KiB

BIN
orly_files/figure-html/testssl-1.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 650 KiB

Loading…
Cancel
Save