sslscan



eal
2022-08-18, 00:34
Hello

We recently hired a security firm to run an internal pentest and I gave the contractor a jump host machine and he installed Kali in a virtual box and ran the test.

One item identified was the support for TLS 1.0 and TLS 1.2. He gave us a list of 100+ IPs that had TLS 1.0 and TLS 1.1 enabled. I have since used registry/GPO to disable support for TLS 1.0 and TLS 1.1. I have used the IISCrypto tool to confirm this. I, however, also wanted to scan the network and confirm it through the same tool he used. Also, I can remote scan it instead of running IISCrypto on each machine.

I believe he used the sslscan tool in Kali, as the screenshot provided matches the output. It is the same network and same IPs, but I am having issues running sslscan. Since then I also downloaded sslscan for Windows and am running into the same issue.

Here is my issue. Windows firewall is enabled. It takes a couple of minutes after running the command and generates the below error of connection timed out.

# sslscan 192.168.xxx.xxx
Version: 2.0.15-static
OpenSSL 1.1.1q-dev xx XXX xxxx
Error: Could not open a connection to host 192.168.xxx.xxx (192.168.xxx.xxx) on port 443 (connect: Timed out).



Windows firewall is disabled. It generates the below right away, that the connection was refused.

# sslscan 192.168.xxx.xxx
Version: 2.0.15-static
OpenSSL 1.1.1q-dev xx XXX xxxx

Error: Could not open a connection to host 192.168.xxx.xxx (192.168.xxx.xxx) on port 443 (connect: connection refused).


With the firewall turned off, I get similar issues running sslscan from the Windows box

C:\<>\sslscan.exe 192.168.xxx.xxx
Version: 2.0.15 Windows 64-bit (Mingw)
OpenSSL 1.1.1e-dev xx XXX xxxx

ERROR: Could not open a connection to host 192.168.xxx.xxx (192.168.xxx.xxx) on port 443 (connect: No connection could be made because the target machine actively refused it. ).



This is the same network and subnet that the tester used and generated the result. However, I am getting the connection timed out and the connection refused message. We did not turn off the Windows firewall for him either. Does anyone have any idea?

I am also open to using another tool if you have had a better experience with it.

Thanks for your time!

Fred Sheehan
2022-09-02, 23:45
You could use PowerShell:

https://www.thecodeasylum.com/testing-ssl-and-tls-with-powershell/
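
A PowerShell check along the lines suggested above, as an added example that is not part of the original thread and is not taken from the linked article. The function name `Test-TlsVersion`, the timeout and the sample address are assumptions; it reports the TCP result (timed out or refused, as in the sslscan errors quoted in the question) separately from the per-version TLS handshake.

```powershell
# Added example (not from the thread). Test-TlsVersion is a hypothetical name.
function Test-TlsVersion {
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        [int] $Port = 443,        # sslscan's default port, as in the errors above
        [int] $TimeoutMs = 3000   # assumed value; raise it on slow links
    )
    # Accept any certificate: only the protocol version is being tested here.
    $acceptAny = { $true } -as [System.Net.Security.RemoteCertificateValidationCallback]
    foreach ($name in 'Tls', 'Tls11', 'Tls12') {
        $row = [ordered]@{ Host = $ComputerName; Port = $Port; Protocol = $name; Result = $null }
        $tcpOk = $false
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            # Step 1: plain TCP connect, so a closed or filtered port is not
            # mistaken for "TLS version disabled".
            $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
            if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) {
                $row.Result = 'TCP connect timed out'
            } else {
                $client.EndConnect($pending)   # throws if the port refused
                $tcpOk = $true
                # Step 2: offer exactly one protocol version to the server.
                $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAny)
                try {
                    $proto = [System.Security.Authentication.SslProtocols] $name
                    $ssl.AuthenticateAsClient($ComputerName, $null, $proto, $false)
                    $row.Result = "ENABLED (negotiated $($ssl.SslProtocol))"
                } catch {
                    $row.Result = 'not negotiated: ' + $_.Exception.GetBaseException().Message
                } finally {
                    $ssl.Dispose()
                }
            }
        } catch {
            $row.Result = 'TCP connect failed: ' + $_.Exception.GetBaseException().Message
        } finally {
            $client.Close()
        }
        [pscustomobject] $row
        if (-not $tcpOk) { break }   # no listener reached; other versions would fail the same way
    }
}

# Usage (192.0.2.10 is a constructed placeholder address):
# Test-TlsVersion -ComputerName 192.0.2.10 | Format-Table -AutoSize
```

A "not negotiated" result only proves the server side if the scanning machine itself still allows that version: if the same registry/GPO change has disabled TLS 1.0 and TLS 1.1 on the machine running the script, the handshake fails locally regardless of the target's settings.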