Exploring CRAN claims of the "security" of CRAN mirrors
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

1020 lines
56 KiB

[
{
"id" : "service",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "HTTP"
}
, {
"id" : "SSLv2",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "SSLv3",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "not offered"
}
, {
"id" : "TLS1",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_1",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "offered"
}
, {
"id" : "TLS1_2",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "TLS1_3",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered and downgraded to a weaker protocol"
}
, {
"id" : "NPN",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "ALPN",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "not offered"
}
, {
"id" : "cipherlist_NULL",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_aNULL",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_EXPORT",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_LOW",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-327",
"finding" : "not offered"
}
, {
"id" : "cipherlist_3DES_IDEA",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cwe" : "CWE-310",
"finding" : "not offered"
}
, {
"id" : "cipherlist_AVERAGE",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "LOW",
"cwe" : "CWE-310",
"finding" : "offered"
}
, {
"id" : "cipherlist_STRONG",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "offered"
}
, {
"id" : "PFS_ciphers",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA"
}
, {
"id" : "PFS_ECDHE_curves",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "secp256k1 prime256v1 secp384r1 secp521r1"
}
, {
"id" : "DH_groups",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "RFC3526/Oakley Group 14"
}
, {
"id" : "cipher_order",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "server"
}
, {
"id" : "protocol_negotiated",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "Default protocol TLS1.2"
}
, {
"id" : "cipher_negotiated",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)"
}
, {
"id" : "cipherorder_TLSv1",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA"
}
, {
"id" : "cipherorder_TLSv1_1",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA"
}
, {
"id" : "cipherorder_TLSv1_2",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA"
}
, {
"id" : "TLS_extensions",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'heartbeat/#15'"
}
, {
"id" : "TLS_session_ticket",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "valid for 300 seconds only (<daily)"
}
, {
"id" : "SSL_sessionID_support",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "yes"
}
, {
"id" : "sessionresumption_ticket",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "sessionresumption_ID",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "supported"
}
, {
"id" : "TLS_timestamp",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "random"
}
, {
"id" : "cert_numbers",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "1"
}
, {
"id" : "cert_signatureAlgorithm",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "SHA256 with RSA"
}
, {
"id" : "cert_keySize",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "2048 bits"
}
, {
"id" : "cert_keyUsage",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "Digital Signature, Key Encipherment"
}
, {
"id" : "cert_extKeyUsage",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "cert_ext_keyusage"
}
, {
"id" : "cert_serialNumber",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "95F850884489A96731929702BCC06DB1"
}
, {
"id" : "cert_fingerprintSHA1",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "F1669BC71643B51363A3A565AE67F3C1B4BA4EE0"
}
, {
"id" : "cert_fingerprintSHA256",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "010DFC3A1092ABDE4444CCD0803CBD2C375AE7FC1E93511BA8B4495C0094E355"
}
, {
"id" : "cert",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "-----BEGIN CERTIFICATE----- MIIZBTCCF+2gAwIBAgIRAJX4UIhEialnMZKXArzAbbEwDQYJKoZIhvcNAQELBQAw djELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1JMRIwEAYDVQQHEwlBbm4gQXJib3Ix EjAQBgNVBAoTCUludGVybmV0MjERMA8GA1UECxMISW5Db21tb24xHzAdBgNVBAMT FkluQ29tbW9uIFJTQSBTZXJ2ZXIgQ0EwHhcNMTgxMDE1MDAwMDAwWhcNMjAxMDE0 MjM1OTU5WjCB1zELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTk0NzIwMQswCQYDVQQI EwJDQTERMA8GA1UEBxMIQmVya2VsZXkxIjAgBgNVBAkMGTIwMCBDYWxpZm9ybmlh IEhhbGwgIzE1MDAxSDBGBgNVBAoTP1VuaXZlcnNpdHkgb2YgQ2FsaWZvcm5pYSwg QmVya2VsZXkgKFJlZ2VudHMgb2YgdGhlIFVuaXYuIG9mIENBKTEMMAoGA1UECxMD Q05SMRwwGgYDVQQDExNuYXR1cmUuYmVya2VsZXkuZWR1MIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEA1iDKJJ6QhisMnj9CiRT5otMHNtkR/ALS5mY2DMqV HEXx4V2Q2tVMWani5bIk4iO1QnX3NDtEpykDSapHrjiY5UxmnmWINuw2ua8UdyFB sy+RILZLTD8a4neXQN4teLbVfS5Ay3F8SI6lGYuhNJ3eRDA+651BQyEOmQ63KQwb OWi7nhzBhhzgK+gD8FiIiUqriw4FfD8Zbo8v6tpdrWtCCwLcAuHjZtPwrDRchcpa dg6gEzwCnVX24hzgNZfQU2K7+dQYPoX0KJDA6F23avGn41WSnLzEOGKjtlcXqvA5 PZeZzXoSdpNGyqPciNTMdL8DZSlcaAohN5pk9o3Rey0q/wIDAQABo4IVKjCCFSYw HwYDVR0jBBgwFoAUHgWjd49sluJbh0umtIascQAM5zgwHQYDVR0OBBYEFC/aYKol KZq36WgObCZyCbZEqLu+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBnBgNVHSAEYDBeMFIGDCsGAQQB riMBBAMBATBCMEAGCCsGAQUFBwIBFjRodHRwczovL3d3dy5pbmNvbW1vbi5vcmcv Y2VydC9yZXBvc2l0b3J5L2Nwc19zc2wucGRmMAgGBmeBDAECAjBEBgNVHR8EPTA7 MDmgN6A1hjNodHRwOi8vY3JsLmluY29tbW9uLXJzYS5vcmcvSW5Db21tb25SU0FT ZXJ2ZXJDQS5jcmwwdQYIKwYBBQUHAQEEaTBnMD4GCCsGAQUFBzAChjJodHRwOi8v Y3J0LnVzZXJ0cnVzdC5jb20vSW5Db21tb25SU0FTZXJ2ZXJDQV8yLmNydDAlBggr BgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTCCEf4GA1UdEQSCEfUw ghHxghNuYXR1cmUuYmVya2VsZXkuZWR1ghlhZy1sYWJvci5jbnIuYmVya2VsZXku ZWR1gh1hZ3JvLWxhYm9yYWwuY25yLmJlcmtlbGV5LmVkdYIYYWdyb2Vjb2xvZ3ku YmVya2VsZXkuZWR1ghhhbnRob2ZmLmVyZy5iZXJrZWxleS5lZHWCGGFyZS1kZXYu Y25yLmJlcmtlbGV5LmVkdYIZYXJlLXByb2QuY25yLmJlcmtlbGV5LmVkdYIXYXJl LXFhLmNuci5iZXJrZWxleS5lZHWCEGFyZS5iZXJrZWxleS5lZHWCFGFyZWJldGEu YmVya2VsZXkuZWR1ghNhcmV3ZWIuYmVya2VsZXkuZWR1ghthdGtpbnMtZGV2LmNu ci5iZXJrZWxleS5lZHWCHGF0a2lucy1wcm9kLmNuci5iZXJrZWxleS5lZHWCGmF0 a2lucy1xYS5jbnIuYmVya2VsZXkuZWR1ghNhdGtpbnMuYmVya2VsZXkuZWR1gh1i YWtlcmxhYi1kZXYuY25yLmJlcmtlbGV5LmVkdYIeYmFrZXJsYWItcHJvZC5jbnIu YmVya2VsZXkuZWR1ghxiYWtlcmxhYi1xYS5jbnIuYmVya2VsZXkuZWR1ghViYW1n LmNuci5iZXJrZWxleS5lZHWCHmJlYWhyc2VscC1kZXYuY25yLmJlcmtlbGV5LmVk dYIfYmVhaHJzZWxwLXByb2QuY25yLmJlcmtlbGV5LmVkdYIdYmVhaHJzZWxwLXFh LmNuci5iZXJrZWxleS5lZHWCFmJlYWhyc2VscC5iZXJrZWxleS5lZHWCEWJlZWcu YmVya2VsZXkuZWR1giliZXJrZWxleWZvcmVzdGhlYWx0aGxhYi5lc3BtLmJlcmtl bGV5LmVkdYIQYmhsLmJlcmtlbGV5LmVkdYIfYmlvaW5mb3JtYXRpY3MuY25yLmJl cmtlbGV5LmVkdYIiYnJlYWt0aHJvdWdocy1kZXYuY25yLmJlcmtlbGV5LmVkdYIh YnJlYWt0aHJvdWdocy1xYS5jbnIuYmVya2VsZXkuZWR1gh5icmVha3Rocm91Z2hz LmNuci5iZXJrZWxleS5lZHWCEGNhZi5iZXJrZWxleS5lZHWCFmNhbGVqLmNuci5i ZXJrZWxleS5lZHWCHGNhbGZvcmVzdHJ5LmNuci5iZXJrZWxleS5lZHWCF2NhbWZl ci5jbnIuYmVya2VsZXkuZWR1gh1jYW1wYWlnbi1kZXYuY25yLmJlcmtlbGV5LmVk dYIcY2FtcGFpZ24tcWEuY25yLmJlcmtlbGV5LmVkdYIZY2FtcGFpZ24uY25yLmJl cmtlbGV5LmVkdYIUY2VwYXJldi5iZXJrZWxleS5lZHWCEGNuci5iZXJrZWxleS5l ZHWCIGNvbXBiaW9jaGVtLWRldi5jbnIuYmVya2VsZXkuZWR1gh9jb21wYmlvY2hl bS1xYS5jbnIuYmVya2VsZXkuZWR1ghhjb21wYmlvY2hlbS5iZXJrZWxleS5lZHWC GGNvbXB1dGUuY25yLmJlcmtlbGV5LmVkdYIVY3Jhbi5jbnIuYmVya2VsZXkuZWR1 ghhjcm0tZGV2LmNuci5iZXJrZWxleS5lZHWCF2NybS1xYS5jbnIuYmVya2VsZXku ZWR1ghBjcm0uYmVya2VsZXkuZWR1ghBjd2guYmVya2VsZXkuZWR1ghhkYXItZGV2 LmNuci5iZXJrZWxleS5lZHWCFGRhci5jbnIuYmVya2VsZXkuZWR1ghhkZnMtb2xk LmNuci5iZXJrZWxleS5lZHWCEGRmcy5iZXJrZWxleS5lZHWCFWVjbnItb2xkLmJl cmtlbGV5LmVkdYIXZWVlc2VtaW5hci5iZXJrZWxleS5lZHWCEGVtMy5iZXJrZWxl eS5lZHWCEWVtYWMuYmVya2VsZXkuZWR1ghJlbmxhYi5iZXJrZWxleS5lZHWCG2Vu dG9tb2xvZ3kuY25yLmJlcmtlbGV5LmVkdYIiZW52aXJvbm1lbnRhbHNjaWVuY2Vz LmJlcmtlbGV5LmVkdYIWZW52aXJvc2NpLmJlcmtlbGV5LmVkdYIVZXBtYi1vbGQu YmVya2VsZXkuZWR1ghhlcmctZGV2LmNuci5iZXJrZWxleS5lZHWCF2VyZy1xYS5j bnIuYmVya2VsZXkuZWR1ghBlcmcuYmVya2VsZXkuZWR1ghllc3BtLWRldi5jbnIu YmVya2VsZXkuZWR1ghhlc3BtLXFhLmNuci5iZXJrZWxleS5lZHWCEWVzcG0uYmVy a2VsZXkuZWR1ghVlc3BtYmV0YS5iZXJrZWxleS5lZHWCF2ZpcmVjZW50ZXIuYmVy a2VsZXkuZWR1ghtmaXJlY2VudGVyYmV0YS5iZXJrZWxleS5lZHWCGWZvcmVzdHJ5 LWRldi5iZXJrZWxleS5lZHWCFWZvcmVzdHJ5LmJlcmtlbGV5LmVkdYIZZm9yZXN0 cnljYW1wLmJlcmtlbGV5LmVkdYIcZm9yZXN0cy1kZXYuY25yLmJlcmtlbGV5LmVk dYIdZm9yZXN0cy1wcm9kLmNuci5iZXJrZWxleS5lZHWCG2ZvcmVzdHMtcWEuY25y LmJlcmtlbGV5LmVkdYIUZm9yZXN0cy5iZXJrZWxleS5lZHWCFWdldGguY25yLmJl cmtlbGV5LmVkdYIYZ2lmLWRldi5jbnIuYmVya2VsZXkuZWR1ghlnaWYtcHJvZC5j bnIuYmVya2VsZXkuZWR1ghdnaWYtcWEuY25yLmJlcmtlbGV5LmVkdYIWZ2l2ZXRv Y25yLmJlcmtlbGV5LmVkdYITZ2xvYmFsLmJlcmtlbGV5LmVkdYIZZ3Jvd2luZ3Jv b3RzLmJlcmtlbGV5LmVkdYIYaWVwLWRldi5jbnIuYmVya2VsZXkuZWR1ghdpZXAt cWEuY25yLmJlcmtlbGV5LmVkdYIQaWVwLmJlcmtlbGV5LmVkdYIZaW52YXNpdmUu Y25yLmJlcmtlbGV5LmVkdYIUbGFuZGxhYi5iZXJrZWxleS5lZHWCE2x1Y2xhYi5i ZXJrZWxleS5lZHWCGG1hY2F1bGF5bGFiLmJlcmtlbGV5LmVkdYIPbWIuYmVya2Vs ZXkuZWR1ghhtZHAtZGV2LmNuci5iZXJrZWxleS5lZHWCGW1kcC1wcm9kLmNuci5i ZXJrZWxleS5lZHWCF21kcC1xYS5jbnIuYmVya2VsZXkuZWR1ghBtZHAuYmVya2Vs ZXkuZWR1ghRtZHBiZXRhLmJlcmtlbGV5LmVkdYIdbWV0YWJvbGljYmlvbG9neS5i ZXJrZWxleS5lZHWCE21vbHRveC5iZXJrZWxleS5lZHWCG25hdHVyZS1kZXYuY25y LmJlcmtlbGV5LmVkdYIcbmF0dXJlLXByb2QuY25yLmJlcmtlbGV5LmVkdYIabmF0 dXJlLXFhLmNuci5iZXJrZWxleS5lZHWCF25hdHVyZS5jbnIuYmVya2VsZXkuZWR1 ghRuYXR1cmUxLmJlcmtlbGV5LmVkdYIbbmF0dXJlYmV0YS5jbnIuYmVya2VsZXku ZWR1ghtub3JjYWxoZWFsLmNuci5iZXJrZWxleS5lZHWCF25zZmVscC5jbnIuYmVy a2VsZXkuZWR1ghhuc3QtZGV2LmNuci5iZXJrZWxleS5lZHWCGW5zdC1wcm9kLmNu ci5iZXJrZWxleS5lZHWCF25zdC1xYS5jbnIuYmVya2VsZXkuZWR1ghBuc3QuYmVy a2VsZXkuZWR1ghhuc3RiZXRhLmNuci5iZXJrZWxleS5lZHWCFm51dHJpdGlvbi5i ZXJrZWxleS5lZHWCFW9ha3MuY25yLmJlcmtlbGV5LmVkdYIjb3VyZW52aXJvbm1l bnQtZGV2LmNuci5iZXJrZWxleS5lZHWCJG91cmVudmlyb25tZW50LXByb2QuY25y LmJlcmtlbGV5LmVkdYIib3VyZW52aXJvbm1lbnQtcWEuY25yLmJlcmtlbGV5LmVk dYIbb3VyZW52aXJvbm1lbnQuYmVya2VsZXkuZWR1giNvdXRkb29yLWVuZ2FnZW1l bnQuY25yLmJlcmtlbGV5LmVkdYImb3V0ZG9vcmVuZ2FnZW1lbnQtZGV2LmNuci5i ZXJrZWxleS5lZHWCJ291dGRvb3JlbmdhZ2VtZW50LXByb2QuY25yLmJlcmtlbGV5 LmVkdYIlb3V0ZG9vcmVuZ2FnZW1lbnQtcWEuY25yLmJlcmtlbGV5LmVkdYIeb3V0 ZG9vcmVuZ2FnZW1lbnQuYmVya2VsZXkuZWR1ghpwYXJrcy1kZXYuY25yLmJlcmtl bGV5LmVkdYIbcGFya3MtcHJvZC5jbnIuYmVya2VsZXkuZWR1ghlwYXJrcy1xYS5j bnIuYmVya2VsZXkuZWR1ghJwYXJrcy5iZXJrZWxleS5lZHWCHHBhcmtzZm9yc2Np ZW5jZS5iZXJrZWxleS5lZHWCIXBhcmtzbmV4dDEwMC1kZXYuY25yLmJlcmtlbGV5 LmVkdYIgcGFya3NuZXh0MTAwLXFhLmNuci5iZXJrZWxleS5lZHWCGXBhcmtzbmV4 dDEwMC5iZXJrZWxleS5lZHWCGnBlYXJsLWFwaS5jbnIuYmVya2VsZXkuZWR1ghJw ZWFybC5iZXJrZWxleS5lZHWCKXBsYW50YW5kbWljcm9iaW9sb2d5LWRldi5jbnIu YmVya2VsZXkuZWR1gipwbGFudGFuZG1pY3JvYmlvbG9neS1wcm9kLmNuci5iZXJr ZWxleS5lZHWCKHBsYW50YW5kbWljcm9iaW9sb2d5LXFhLmNuci5iZXJrZWxleS5l ZHWCFHBtYmJldGEuYmVya2VsZXkuZWR1giBwbWJsYWJzaXRlcy1kZXYuY25yLmJl cmtlbGV5LmVkdYIhcG1ibGFic2l0ZXMtcHJvZC5jbnIuYmVya2VsZXkuZWR1gh9w bWJsYWJzaXRlcy1xYS5jbnIuYmVya2VsZXkuZWR1giFwbWJsYWJzaXRlczItZGV2 LmNuci5iZXJrZWxleS5lZHWCInBtYmxhYnNpdGVzMi1wcm9kLmNuci5iZXJrZWxl eS5lZHWCIHBtYmxhYnNpdGVzMi1xYS5jbnIuYmVya2VsZXkuZWR1ggxyLW5pbWJs ZS5vcmeCF3JhbmdlbGFuZHMuYmVya2VsZXkuZWR1ghFyaXBtLmJlcmtlbGV5LmVk dYITcnQuY25yLmJlcmtlbGV5LmVkdYIac2l0ZTEtZGV2LmNuci5iZXJrZWxleS5l ZHWCG3NpdGUxLXByb2QuY25yLmJlcmtlbGV5LmVkdYIZc2l0ZTEtcWEuY25yLmJl cmtlbGV5LmVkdYIac2l0ZTItZGV2LmNuci5iZXJrZWxleS5lZHWCG3NpdGUyLXBy b2QuY25yLmJlcmtlbGV5LmVkdYIZc2l0ZTItcWEuY25yLmJlcmtlbGV5LmVkdYIa c2l0ZTMtZGV2LmNuci5iZXJrZWxleS5lZHWCG3NpdGUzLXByb2QuY25yLmJlcmtl bGV5LmVkdYIZc2l0ZTMtcWEuY25yLmJlcmtlbGV5LmVkdYIac2l0ZTQtZGV2LmNu ci5iZXJrZWxleS5lZHWCG3NpdGU0LXByb2QuY25yLmJlcmtlbGV5LmVkdYIZc2l0 ZTQtcWEuY25yLmJlcmtlbGV5LmVkdYIWc25hbXAuY25yLmJlcmtlbGV5LmVkdYIW c3RhZmYuY25yLmJlcmtlbGV5LmVkdYIbc3RhdGlzdGljcy5jbnIuYmVya2VsZXku ZWR1ghd0b3hpY29sb2d5LmJlcmtlbGV5LmVkdYIWdHdpa2kuY25yLmJlcmtlbGV5 LmVkdYIadHdpa2liZXRhLmNuci5iZXJrZWxleS5lZHWCHnVjYmlvdGVjaGJldGEu Y25yLmJlcmtlbGV5LmVkdYIWdWNmcGwuY25yLmJlcmtlbGV5LmVkdYIVd2lraS5j bnIuYmVya2VsZXkuZWR1ghR3d3cuYXJlLmJlcmtlbGV5LmVkdYIUd3d3LmNuci5i ZXJrZWxleS5lZHWCF3d3dy5sdWNsYWIuYmVya2VsZXkuZWR1MIIBfQYKKwYBBAHW eQIEAgSCAW0EggFpAWcAdwDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9 ywAAAWZ4axmLAAAEAwBIMEYCIQDrB/4mQBX3I56N6eHhocVEOp35aBZeaV0Rk5RL pHld7QIhAJzNeOBtsqwm17IODaCm5LHfzoAFgfAVqBjB5S1/LKf6AHUAXqdz+d9W wOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFmeGsbhwAABAMARjBEAiA3+BO1 jC/4gNF1GJ/xmsVpvIR/gE0QxKNzpWDihMLZ8QIgBahAkc1qo+TgWIEVQZVAjUWI PCJ33VPiOzMm+JNxdqMAdQBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPT DAAAAWZ4axoDAAAEAwBGMEQCIAWJU9vB3ZVpwAXxxZqGLLfrR23I6ERlqleEQYeR zxImAiBZSNHWk4Gj7A1OSXVN9/9eiNhmaKNugebRweoZSOVMXDANBgkqhkiG9w0B AQsFAAOCAQEAh3kvj6O6VDJeQ87cxioaEro001UfJsOfjcxC/p589Z0MTsZSVNvu HDu+r3Y/sRZyXj6/fhIfEVe6+mR8SRxwNbz608waXbC5V64+3dxorvhl8Dkcs6LY hbok4GODPDVBKsFN2uI11mlzWBCikvmLhCGREjRLiN6iqDONDLoNeRs2ub69XA8j EPbnpxakn4oNNXPLzbkFDT330uBXd6Sg2ZTMgraXMz0zK7OjpJ/6RA7OzgEtBfuz we2H2z6Qd1WCKtzMKMGT5v3Y+dw69U+NHvo1A97LY5Nza+XIWWoJW6QPQ5UGsM90 186CkDscgo7DjnFKKX7aW/eGBsWdOcwcUw== -----END CERTIFICATE-----"
}
, {
"id" : "cert_commonName",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "nature.berkeley.edu"
}
, {
"id" : "cert_commonName_wo_SNI",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "nature.berkeley.edu"
}
, {
"id" : "cert_subjectAltName",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "nature.berkeley.edu ag-labor.cnr.berkeley.edu agro-laboral.cnr.berkeley.edu agroecology.berkeley.edu anthoff.erg.berkeley.edu are-dev.cnr.berkeley.edu are-prod.cnr.berkeley.edu are-qa.cnr.berkeley.edu are.berkeley.edu arebeta.berkeley.edu areweb.berkeley.edu atkins-dev.cnr.berkeley.edu atkins-prod.cnr.berkeley.edu atkins-qa.cnr.berkeley.edu atkins.berkeley.edu bakerlab-dev.cnr.berkeley.edu bakerlab-prod.cnr.berkeley.edu bakerlab-qa.cnr.berkeley.edu bamg.cnr.berkeley.edu beahrselp-dev.cnr.berkeley.edu beahrselp-prod.cnr.berkeley.edu beahrselp-qa.cnr.berkeley.edu beahrselp.berkeley.edu beeg.berkeley.edu berkeleyforesthealthlab.espm.berkeley.edu bhl.berkeley.edu bioinformatics.cnr.berkeley.edu breakthroughs-dev.cnr.berkeley.edu breakthroughs-qa.cnr.berkeley.edu breakthroughs.cnr.berkeley.edu caf.berkeley.edu calej.cnr.berkeley.edu calforestry.cnr.berkeley.edu camfer.cnr.berkeley.edu campaign-dev.cnr.berkeley.edu campaign-qa.cnr.berkeley.edu campaign.cnr.berkeley.edu ceparev.berkeley.edu cnr.berkeley.edu compbiochem-dev.cnr.berkeley.edu compbiochem-qa.cnr.berkeley.edu compbiochem.berkeley.edu compute.cnr.berkeley.edu cran.cnr.berkeley.edu crm-dev.cnr.berkeley.edu crm-qa.cnr.berkeley.edu crm.berkeley.edu cwh.berkeley.edu dar-dev.cnr.berkeley.edu dar.cnr.berkeley.edu dfs-old.cnr.berkeley.edu dfs.berkeley.edu ecnr-old.berkeley.edu eeeseminar.berkeley.edu em3.berkeley.edu emac.berkeley.edu enlab.berkeley.edu entomology.cnr.berkeley.edu environmentalsciences.berkeley.edu envirosci.berkeley.edu epmb-old.berkeley.edu erg-dev.cnr.berkeley.edu erg-qa.cnr.berkeley.edu erg.berkeley.edu espm-dev.cnr.berkeley.edu espm-qa.cnr.berkeley.edu espm.berkeley.edu espmbeta.berkeley.edu firecenter.berkeley.edu firecenterbeta.berkeley.edu forestry-dev.berkeley.edu forestry.berkeley.edu forestrycamp.berkeley.edu forests-dev.cnr.berkeley.edu forests-prod.cnr.berkeley.edu forests-qa.cnr.berkeley.edu forests.berkeley.edu geth.cnr.berkeley.edu gif-dev.cnr.berkeley.edu gif-prod.cnr.berkeley.edu gif-qa.cnr.berkeley.edu givetocnr.berkeley.edu global.berkeley.edu growingroots.berkeley.edu iep-dev.cnr.berkeley.edu iep-qa.cnr.berkeley.edu iep.berkeley.edu invasive.cnr.berkeley.edu landlab.berkeley.edu luclab.berkeley.edu macaulaylab.berkeley.edu mb.berkeley.edu mdp-dev.cnr.berkeley.edu mdp-prod.cnr.berkeley.edu mdp-qa.cnr.berkeley.edu mdp.berkeley.edu mdpbeta.berkeley.edu metabolicbiology.berkeley.edu moltox.berkeley.edu nature-dev.cnr.berkeley.edu nature-prod.cnr.berkeley.edu nature-qa.cnr.berkeley.edu nature.cnr.berkeley.edu nature1.berkeley.edu naturebeta.cnr.berkeley.edu norcalheal.cnr.berkeley.edu nsfelp.cnr.berkeley.edu nst-dev.cnr.berkeley.edu nst-prod.cnr.berkeley.edu nst-qa.cnr.berkeley.edu nst.berkeley.edu nstbeta.cnr.berkeley.edu nutrition.berkeley.edu oaks.cnr.berkeley.edu ourenvironment-dev.cnr.berkeley.edu ourenvironment-prod.cnr.berkeley.edu ourenvironment-qa.cnr.berkeley.edu ourenvironment.berkeley.edu outdoor-engagement.cnr.berkeley.edu outdoorengagement-dev.cnr.berkeley.edu outdoorengagement-prod.cnr.berkeley.edu outdoorengagement-qa.cnr.berkeley.edu outdoorengagement.berkeley.edu parks-dev.cnr.berkeley.edu parks-prod.cnr.berkeley.edu parks-qa.cnr.berkeley.edu parks.berkeley.edu parksforscience.berkeley.edu parksnext100-dev.cnr.berkeley.edu parksnext100-qa.cnr.berkeley.edu parksnext100.berkeley.edu pearl-api.cnr.berkeley.edu pearl.berkeley.edu plantandmicrobiology-dev.cnr.berkeley.edu plantandmicrobiology-prod.cnr.berkeley.edu plantandmicrobiology-qa.cnr.berkeley.edu pmbbeta.berkeley.edu pmblabsites-dev.cnr.berkeley.edu pmblabsites-prod.cnr.berkeley.edu pmblabsites-qa.cnr.berkeley.edu pmblabsites2-dev.cnr.berkeley.edu pmblabsites2-prod.cnr.berkeley.edu pmblabsites2-qa.cnr.berkeley.edu r-nimble.org rangelands.berkeley.edu ripm.berkeley.edu rt.cnr.berkeley.edu site1-dev.cnr.berkeley.edu site1-prod.cnr.berkeley.edu site1-qa.cnr.berkeley.edu site2-dev.cnr.berkeley.edu site2-prod.cnr.berkeley.edu site2-qa.cnr.berkeley.edu site3-dev.cnr.berkeley.edu site3-prod.cnr.berkeley.edu site3-qa.cnr.berkeley.edu site4-dev.cnr.berkeley.edu site4-prod.cnr.berkeley.edu site4-qa.cnr.berkeley.edu snamp.cnr.berkeley.edu staff.cnr.berkeley.edu statistics.cnr.berkeley.edu toxicology.berkeley.edu twiki.cnr.berkeley.edu twikibeta.cnr.berkeley.edu ucbiotechbeta.cnr.berkeley.edu ucfpl.cnr.berkeley.edu wiki.cnr.berkeley.edu www.are.berkeley.edu www.cnr.berkeley.edu www.luclab.berkeley.edu"
}
, {
"id" : "cert_caIssuers",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "InCommon RSA Server CA (Internet2 from US)"
}
, {
"id" : "cert_trust",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "Ok via SAN (same w/o SNI)"
}
, {
"id" : "cert_chain_of_trust",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "passed."
}
, {
"id" : "cert_certificatePolicies_EV",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_eTLS",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "not present"
}
, {
"id" : "cert_expiration_status",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "591 >= 60 days"
}
, {
"id" : "cert_notBefore",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "2018-10-14 20:00"
}
, {
"id" : "cert_notAfter",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "2020-10-14 19:59"
}
, {
"id" : "certs_countServer",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "3"
}
, {
"id" : "certs_list_ordering_problem",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "no"
}
, {
"id" : "cert_crlDistributionPoints",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "http://crl.incommon-rsa.org/InCommonRSAServerCA.crl"
}
, {
"id" : "cert_ocspURL",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "http://ocsp.usertrust.com"
}
, {
"id" : "OCSP_stapling",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "LOW",
"finding" : "not offered"
}
, {
"id" : "cert_mustStapleExtension",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "--"
}
, {
"id" : "DNS_CAArecord",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "LOW",
"finding" : "--"
}
, {
"id" : "certificate_transparency",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "yes (certificate extension)"
}
, {
"id" : "HTTP_status_code",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "200 OK ('/')"
}
, {
"id" : "HTTP_clock_skew",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "0 seconds from localtime"
}
, {
"id" : "HSTS_time",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "365 days (=31536000 seconds) > 15465600 seconds"
}
, {
"id" : "HSTS_subdomains",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "includes subdomains"
}
, {
"id" : "HSTS_preload",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "domain is NOT marked for preloading"
}
, {
"id" : "HPKP",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "No support for HTTP Public Key Pinning"
}
, {
"id" : "banner_server",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips mod_wsgi/3.4 Python/2.7.5 mod_perl/2.0.10 Perl/v5.16.3"
}
, {
"id" : "banner_application",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "No application banner found"
}
, {
"id" : "cookie_count",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "0 at '/'"
}
, {
"id" : "security_headers",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "MEDIUM",
"finding" : "--"
}
, {
"id" : "banner_reverseproxy",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"cwe" : "CWE-200",
"finding" : "--"
}
, {
"id" : "heartbleed",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0160",
"cwe" : "CWE-119",
"finding" : "not vulnerable , timed out"
}
, {
"id" : "CCS",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-0224",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "ticketbleed",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-9244",
"cwe" : "CWE-200",
"finding" : "not vulnerable"
}
, {
"id" : "ROBOT",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168",
"cwe" : "CWE-203",
"finding" : "not vulnerable, no RSA key transport cipher"
}
, {
"id" : "secure_renego",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "secure_client_renego",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2009-3555",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "CRIME_TLS",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2012-4929",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "BREACH",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-3587",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no HTTP compression - only supplied '/' tested"
}
, {
"id" : "POODLE_SSL",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2014-3566",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "fallback_SCSV",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"finding" : "supported"
}
, {
"id" : "SWEET32",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-2183 CVE-2016-6329",
"cwe" : "CWE-327",
"finding" : "not vulnerable"
}
, {
"id" : "FREAK",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-0204",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "DROWN",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "not vulnerable to DROWN on this host and port"
}
, {
"id" : "DROWN",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2016-0800 CVE-2016-0703",
"cwe" : "CWE-310",
"finding" : "Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=010DFC3A1092ABDE4444CCD0803CBD2C375AE7FC1E93511BA8B4495C0094E355"
}
, {
"id" : "LOGJAM-common_primes",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "RFC3526/Oakley Group 14"
}
, {
"id" : "LOGJAM",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2015-4000",
"cwe" : "CWE-310",
"finding" : "not vulnerable, no DH EXPORT ciphers,"
}
, {
"id" : "BEAST_CBC_TLS1",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "MEDIUM",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA"
}
, {
"id" : "BEAST",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2011-3389",
"cwe" : "CWE-20",
"finding" : "VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)"
}
, {
"id" : "LUCKY13",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "LOW",
"cve" : "CVE-2013-0169",
"cwe" : "CWE-310",
"finding" : "potentially vulnerable, uses TLS CBC ciphers"
}
, {
"id" : "RC4",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "OK",
"cve" : "CVE-2013-2566 CVE-2015-2808",
"cwe" : "CWE-310",
"finding" : "not vulnerable"
}
, {
"id" : "cipher_xc030",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_xc028",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
}
, {
"id" : "cipher_xc014",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x9f",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
}
, {
"id" : "cipher_x6b",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x6b DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
}
, {
"id" : "cipher_x39",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
}
, {
"id" : "cipher_x88",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x88 DHE-RSA-CAMELLIA256-SHA DH 2048 Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
}
, {
"id" : "cipher_xc02f",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_xc027",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_xc013",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x9e",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
}
, {
"id" : "cipher_x67",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x67 DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
}
, {
"id" : "cipher_x33",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
}
, {
"id" : "cipher_x9a",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x9a DHE-RSA-SEED-SHA DH 2048 SEED 128 TLS_DHE_RSA_WITH_SEED_CBC_SHA"
}
, {
"id" : "cipher_x45",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "x45 DHE-RSA-CAMELLIA128-SHA DH 2048 Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
}
, {
"id" : "clientsimulation-android_422",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-android_442",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-android_500",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_60",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256"
}
, {
"id" : "clientsimulation-android_70",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_65_win7",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-chrome_70_win10",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_59_win7",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-firefox_62_win7",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-ie_6_xp",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_7_vista",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_win7",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-ie_8_xp",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-ie_11_win7",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_win81",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-SHA384"
}
, {
"id" : "clientsimulation-ie_11_winphone81",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-ie_11_win10",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_win10",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_13_winphone10",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-edge_15_win10",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-opera_17_win7",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES128-SHA256"
}
, {
"id" : "clientsimulation-safari_9_ios9",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_9_osx1011",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-safari_10_osx1012",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-apple_ats_9_ios9",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-tor_1709_win7",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES256-SHA"
}
, {
"id" : "clientsimulation-java_6u45",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "No connection"
}
, {
"id" : "clientsimulation-java_7u25",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.0 ECDHE-RSA-AES128-SHA"
}
, {
"id" : "clientsimulation-java_8u161",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-java_904",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_101l",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "clientsimulation-openssl_102e",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384"
}
, {
"id" : "scanTime",
"ip" : "cran.cnr.berkeley.edu/169.229.19.202",
"port" : "443",
"severity" : "INFO",
"finding" : "134"
}
]