Thursday, May 01, 2008

SSL Testing

Here is a very good OWASP wiki page on testing SSL. I would like to add my 2 cents to it:
- You would need nmap for port scan. But on windows you would need windows packet capture library before installing nmap. To run nmap on windows vista, you need to run it with elevated privileges. You open an elevated command prompt by right-clicking on the command prompt
link and using "run as administrator".
-Download nessus and install SSL plugin for nessus, you would need plugin with IDs (21643 and 10863)

No comments: