서버 SSL/TLS 테스트 받아보기
| Protocol Details | ||||||
| DROWN | No, server keys and hostname not seen elsewhere with SSLv2
|
|||||
| Secure Renegotiation | Supported | |||||
| Secure Client-Initiated Renegotiation | No | |||||
| Insecure Client-Initiated Renegotiation | No | |||||
| BEAST attack | Not mitigated server-side (more info) SSL 3: 0xa, TLS 1.0: 0xa | |||||
| POODLE (SSLv3) | Vulnerable INSECURE (more info) SSL 3: 0xa | |||||
| POODLE (TLS) | No (more info) | |||||
| Downgrade attack prevention | Yes, TLS_FALLBACK_SCSV supported (more info) | |||||
| SSL/TLS compression | No | |||||
| RC4 | Yes INSECURE (more info) | |||||
| Heartbeat (extension) | Yes | |||||
| Heartbleed (vulnerability) | No (more info) | |||||
| Ticketbleed (vulnerability) | No (more info) | |||||
| OpenSSL CCS vuln. (CVE-2014-0224) | No (more info) | |||||
| OpenSSL Padding Oracle vuln. (CVE-2016-2107) |
No (more info) | |||||
| Forward Secrecy | With some browsers (more info) | |||||
등등......
SSL 인증서랑 서버의 프로토콜 체크 해주네요
아파치 SSL 설정 보완해야 할거 같아요
|
댓글을 작성하시려면 로그인이 필요합니다.
댓글 1개