RE: Any tool for testing SSL servers (by modifying client HELLO)?

["Carl Davis" <cdavis () rvasi com>]

Aside from the tools/techniques already mentioned, I have also found the use
of certain browsers like Opera 7.X or better and Netscape 7.X (newer
versions appear to have gone away from this) to be helpful. Each allows you
to specify via a checkbox under the Preferences tab which specific SSL
protocol version(s) and cipher(s) strength to use/allow for SSL connections
i.e. only connect using SSLv2 with a 40 bit C2 (RSA/MD5) cipher, or
SSLv3/TLS 1 with a 56 DES (RSA/SHA), etc. Additionally, Netscape 4.72 and
similar versions can be configured to alert/warn you when an attempt is made
to load a page that uses low-grade encryption (40 bit for example).

A somewhat different approach that may come in handy from time to time.
-----------
Cheers,

Carl Davis
Site: http://www.rvasi.com  
Forum: http://www.rvasi.com/forum  


-----Original Message-----
From: contrera () eig unige ch [mailto:contrera () eig unige ch] 
Sent: Monday, September 12, 2005 9:07 AM
To: security-basics () securityfocus com
Subject: Any tool for testing SSL servers (by modifying client HELLO)?

Hi,

I'm looking for a tool that will allow me to specify which cipher suites i
want to put in my client HELLO.

I want to test if my SSL servers allows ciphers with "only" 40bits.

Thanks for the infos