Bernhard Amann
6bc914458b
Add smtp starttls support
2014-05-15 09:59:43 -07:00
Bernhard Amann
f0b244b8b0
Add new features from other branch to the heartbleed-detector (and clean them up).
...
We should now quite reliably detect scans/attacks, even when encrypted and not succesful.
2014-05-14 15:42:27 -07:00
Bernhard Amann
fb56b22cff
Add DH support to SSL analyzer.
...
When using DHE or DH-Anon, sever key parameters are now available
in scriptland.
Also add script to alert on weak certificate keys or weak dh-params.
2014-04-26 23:52:51 -07:00
Bernhard Amann
597c373fa0
Log chosen curve when using ec cipher suite in TLS.
2014-04-26 09:48:36 -07:00
Bernhard Amann
c24629abf4
Add very basic ocsp stapling support.
...
This only allows access to the ocsp stapling response data. No verification
or anything else at the moment.
2014-04-24 12:37:34 -07:00
Bernhard Amann
9b7eb293f1
Add documentation, consts and tests for the new events.
...
This also fixes the heartbleed detector to work for encrypted attacks in this
branch again. It stopped working, because the SSL analyzer now successfully detects
established connections, and the scripts usually disable analyzing after that.
(The heartbeat branch should not have been affected)
2014-04-24 12:05:30 -07:00
Bernhard Amann
5d9fb1631c
test for new ssl/tls dpd signature
2014-04-10 14:33:14 -07:00
Bernhard Amann
4da0718511
Finishing touches of the x509 file analyzer.
...
Mostly baseline updates and new tests.
addresses BIT-953, BIT-760, BIT-1150
2014-03-13 15:21:30 -07:00
