SSL / TLS Transport Tests

[Ref: OpenBSD 5.5, openssl s_client; SSL Checklist for Pentesters - the Manual Cheatsheet; testssl.sh]

A security tool is only as secure as your continued validation of its effectiveness.

Fortunately, s_client is a command-line tool that gives us some measure of 'access' to an encrypted connection, so we can validate the service on the other side and not just the encryption.

The s_client command implements a generic SSL/TLS client which connects to a remote host using SSL/TLS. It is a very useful diagnostic tool for SSL servers.

For all the above protocols (smtp, pop3, imap) we can use openssl s_client to connect to the remote host and issue the protocol's standard diagnostic commands, as if it were a cleartext connection.

SMTP comes in two flavours: a cleartext connection that is then negotiated up into an encrypted one (STARTTLS), and a connection that is encrypted from the start (SMTPS).

SMTP using STARTTLS

Connect to your mail server (Mail Transport Agent, MTA) through the standard port '25'.

openssl s_client -starttls smtp -crlf -connect your_MTA:25
A lot of certificate information is exchanged, and shown on the screen

...

250 DSN

openssl s_client -starttls smtp -crlf connects to the server your_MTA and handles the encryption and decryption between our console and the SMTP server.

Once TLS is negotiated using "-starttls", the console output is interpreted for us as if we had connected in cleartext.

Continue validation of the SMTP service such as in the below scenario:

MAIL FROM: <samt@example.com>
250 2.1.0 Ok
RCPT TO: mylocaluser
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
From: <samt@example.com>
Subject: STARTTLS Test Message

Postfix will decrypt

.
250 2.0.0 Ok: queued as XXXXXXXXXXX
quit
221 2.0.0 Bye

If the -starttls negotiation fails, the first place to review is the logs on your_MTA server.

SMTPS

Verify the wrapper-mode (encrypted from the start) smtps service is working correctly using the generic openssl s_client connection.

openssl s_client -connect localhost:465
CONNECTED(0000000X)
Plenty of Certificate negotiation/information

220 mx.coco.nut.to ESMTP Postfix

At this point we have an example of an SSL-secured connection to SMTPS. The same approach is used for connecting to other SSL services:

openssl s_client -connect localhost:${PORT}

Legitimacy

[Ref: OpenSSL Command-Line HOWTO]

Consider the legitimacy and currency of your SSL configuration by reviewing current practices and accepted revisions. There are a number of Open Source tools for this; try https://testssl.sh. The following is a quick shortcut.

Dates

Dates tend to be the most common error (i.e. we forget that certificates expire).

To get the date from a remote site (e.g.: example.com):

echo | openssl s_client -connect example.com:port# 2>/dev/null | openssl x509 -noout -subject -dates

To get the dates from your local certificate:

openssl x509 -noout -subject -dates -in mycertificate.crt

FAIL for Success

The following should fail, as each is either no longer perceived as robust or has been shown to be insecure:

SSLv2 is no longer current

openssl s_client -ssl2 -connect host:port

SSL v2 service should be disabled.

SSLv3 is no longer current

openssl s_client -ssl3 -connect host:port

SSL v3 service should be disabled.

Weak Cipher Suites

openssl s_client -cipher NULL,EXPORT,LOW,3DES -connect site:port

If this connects, weak cipher suites are supported on the service; the connection should be refused.

Anonymous cipher suites

openssl s_client -cipher aNULL -connect site:port

Server Preference

openssl s_client [-ssl2|-ssl3|-tls1|-tls1_1|-tls1_2] -cipher {{CIPHERS}} -connect site:port

Change the order of CIPHERS to change the client's preference. The server should always return its own preference.

Note: This makes no claim on the server's preferred cipher.

See the references: the testssl.sh man page and Mozilla's cipher names correspondence table.

SUCCESS for Success

The following should be successful, as they are deemed secure methods for communications.

TLS v1.1 and v1.2

openssl s_client -tls1_1 -connect host:port
openssl s_client -tls1_2 -connect host:port

TLS v1.1 and v1.2 are current (as of 2014/09/01) and should be enabled on your server.

Secure Renegotiation

openssl s_client -connect host:port

Review the host's response for the line:

  • Secure Renegotiation IS supported

Note the 'positive' response. If your response does not include the line above, you need to review the version of the SSL library on your server.
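As an added example (not code from the referenced page or from the OpenSSL project), the following Python script drives the probes from the FAIL for Success, SUCCESS for Success, Dates and Secure Renegotiation sections against one host and classifies each result against the page's expectation. It assumes openssl is on PATH when run for real; the probe table, the abbreviated sample outputs and the script name probe.py are constructed here.

```python
import re
import subprocess
import sys
from datetime import datetime, timezone

# One row per probe on the page: (name, extra s_client arguments, must the handshake
# succeed?). False rows are "FAIL for Success", True rows are "SUCCESS for Success".
CHECKS = [
    ("SSLv2", ["-ssl2"], False),
    ("SSLv3", ["-ssl3"], False),
    ("Weak cipher suites", ["-cipher", "NULL:EXPORT:LOW:3DES"], False),
    ("Anonymous cipher suites", ["-cipher", "aNULL"], False),
    ("TLSv1.1", ["-tls1_1"], True),
    ("TLSv1.2", ["-tls1_2"], True),
]
# Constructed, abbreviated s_client / x509 output for offline use (not captured from a real host).
SAMPLE_OK = "New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384\nSecure Renegotiation IS supported\n"
SAMPLE_NONE = "New, (NONE), Cipher is (NONE)\nSecure Renegotiation IS NOT supported\n"
SAMPLE_DATES = "notBefore=Sep  1 00:00:00 2014 GMT\nnotAfter=Sep  1 00:00:00 2015 GMT\n"

def handshake_ok(output):
    """s_client prints 'Cipher is (NONE)' when no session was negotiated."""
    m = re.search(r"Cipher is (\S+)", output)
    return bool(m) and m.group(1) != "(NONE)"

def secure_renegotiation(output):
    """True only for the exact positive line the page says to look for."""
    return "Secure Renegotiation IS supported" in output

def classify(expect_connect, output):
    """PASS when the observed outcome matches the expectation for that probe."""
    if "unknown option" in output.lower():  # local openssl built without it: a refusal proves nothing
        return "SKIP"
    return "PASS" if handshake_ok(output) == expect_connect else "FAIL"

def not_after(dates_output):
    """Parse the notAfter= line of 'openssl x509 -noout -dates' into an aware UTC datetime."""
    m = re.search(r"^notAfter=(.+)$", dates_output, re.M)
    return datetime.strptime(m.group(1).strip(), "%b %d %H:%M:%S %Y %Z").replace(tzinfo=timezone.utc)

def run_probe(host, port, extra_args, timeout=15):
    """Run one s_client probe with stdin closed (same effect as 'echo |') and return all output."""
    cmd = ["openssl", "s_client", *extra_args, "-connect", f"{host}:{port}"]
    p = subprocess.run(cmd, input=b"", capture_output=True, timeout=timeout)
    return (p.stdout + p.stderr).decode(errors="replace")

if __name__ == "__main__":  # usage: python probe.py host port
    host, port = sys.argv[1], sys.argv[2]
    for name, args, expect in CHECKS:
        print(f"{classify(expect, run_probe(host, port, args)):4} {name}")
    print("PASS" if secure_renegotiation(run_probe(host, port, [])) else "FAIL", "Secure Renegotiation")
```

A SKIP means your local openssl cannot speak that protocol or option, so the server's behaviour for it is untested rather than confirmed disabled.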