SSL/TLS加密检测脚本testssl.sh

以前SSL检测常用工具就是ssllabs的:https://www.ssllabs.com/ssltest/ 以及国内的https://myssl.com/.

检测方法很简单,输入在线检测即可。

今天在网上有发现一款好用的SSL检测脚本:testssl.sh:https://testssl.sh/

检测方法就是下载源码,运行:

git clone --depth 1 https://github.com/drwetter/testssl.sh.git

然后进入目录:

运行:帮助shuom

testssl.sh --help

运行检测:

./testssl.sh yourdomain.com

检测结果类型如下:

###########################################################
    testssl.sh       3.0beta from https://testssl.sh/dev/
    (470f8b6 2018-04-28 22:38:53 -- )

      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ https://testssl.sh/bugs/

###########################################################

 Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
 on VM_122_230_centos:./bin/openssl.Linux.x86_64
 (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")


 Start 2018-04-29 23:25:20        -->> 119.28.6.33:443 (zach.xin) <<--

 rDNS (119.28.6.33):     --
 Service detected:       HTTP


 Testing protocols via sockets except NPN+ALPN 

 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      offered
 TLS 1.1    offered
 TLS 1.2    offered (OK)
 TLS 1.3    not offered
 NPN/SPDY   h2, http/1.1 (advertised)
 ALPN/HTTP2 h2, http/1.1 (offered)

 Testing cipher categories 

 NULL ciphers (no encryption)                  not offered (OK)
 Anonymous NULL Ciphers (no authentication)    not offered (OK)
 Export ciphers (w/o ADH+NULL)                 not offered (OK)
 LOW: 64 Bit + DES encryption (w/o export)     not offered (OK)
 Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    not offered (OK)
 Triple DES Ciphers (Medium)                   not offered (OK)
 High encryption (AES+Camellia, no AEAD)       offered (OK)
 Strong encryption (AEAD ciphers)              offered (OK)


 Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 

 PFS is offered (OK)          ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA 
 Elliptic curves offered:     prime256v1 secp384r1 secp521r1 X25519 


 Testing server preferences 

 Has server cipher order?     yes (OK)
 Negotiated protocol          TLSv1.2
 Negotiated cipher            ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Cipher order
    TLSv1:     ECDHE-RSA-AES128-SHA AES128-SHA ECDHE-RSA-AES256-SHA AES256-SHA 
    TLSv1.1:   ECDHE-RSA-AES128-SHA AES128-SHA ECDHE-RSA-AES256-SHA AES256-SHA 
    TLSv1.2:   ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA AES128-GCM-SHA256 AES128-CCM8 AES128-CCM AES128-SHA256 AES128-SHA
               ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES256-GCM-SHA384 AES256-CCM8 AES256-CCM AES256-SHA256 AES256-SHA 


 Testing server defaults (Server Hello) 

 TLS extensions (standard)    "renegotiation info/#65281" "EC point formats/#11" "session ticket/#35" "status request/#5" "next protocol/#13172" "max fragment length/#1"
                              "application layer protocol negotiation/#16" "encrypt-then-mac/#22" "extended master secret/#23"
 Session Ticket RFC 5077 hint 600 seconds, session tickets keys seems to be rotated < daily
 SSL Session ID support       yes
 Session Resumption           Tickets: yes, ID: yes
 TLS clock skew               Random values, no fingerprinting possible 
 Signature Algorithm          SHA256 with RSA
 Server key size              RSA 2048 bits
 Server key usage             Digital Signature, Key Encipherment
 Server extended key usage    TLS Web Server Authentication, TLS Web Client Authentication
 Serial / Fingerprints        049CA937F746C261709C994D3484D78B958A / SHA1 C654AA97C778B10F79B05E12F679146255984AC8
                              SHA256 F1137B78E829E1AEC2F238F931835A0090DBCF01C6F57B48F5CF16C2295B0EB4
 Common Name (CN)             zach.xin
 subjectAltName (SAN)         www.zach.xin zach.xin 
 Issuer                       Let's Encrypt Authority X3 (Let's Encrypt from US)
 Trust (hostname)             Ok via SAN and CN (same w/o SNI)
 Chain of trust               Ok   
 EV cert (experimental)       no 
 Certificate Validity (UTC)   78 >= 30 days (2018-04-18 19:06 --> 2018-07-17 19:06)
 # of certificates provided   2
 Certificate Revocation List  --
 OCSP URI                     http://ocsp.int-x3.letsencrypt.org
 OCSP stapling                offered
 OCSP must staple extension   --
 DNS CAA RR (experimental)    not offered
 Certificate Transparency     yes (certificate extension)


 Testing HTTP header response @ "/" 

 HTTP Status Code             403 Forbidden
 HTTP clock skew              0 sec from localtime
 Strict Transport Security    not offered
 Public Key Pinning           --
 Server banner                nginx
 Application banner           --
 Cookie(s)                    (none issued at "/") -- maybe better try target URL of 30x
 Security headers             --
 Reverse Proxy banner         --


 Testing vulnerabilities 

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK)
 ROBOT                                     not vulnerable (OK)
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507)              Downgrade attack prevention supported (OK)
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                           https://censys.io/ipv4?q=F1137B78E829E1AEC2F238F931835A0090DBCF01C6F57B48F5CF16C2295B0EB4 could help you to find out
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected
 BEAST (CVE-2011-3389)                     TLS1: ECDHE-RSA-AES128-SHA AES128-SHA ECDHE-RSA-AES256-SHA AES256-SHA 
                                           VULNERABLE -- but also supports higher protocols  TLSv1.1 TLSv1.2 (likely mitigated)
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)


 Testing 364 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength 

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384              
 xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384              
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 xcca8   ECDHE-RSA-CHACHA20-POLY1305       ECDH 253   ChaCha20    256      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256        
 x9d     AES256-GCM-SHA384                 RSA        AESGCM      256      TLS_RSA_WITH_AES_256_GCM_SHA384                    
 xc0a1   AES256-CCM8                       RSA        AESCCM8     256      TLS_RSA_WITH_AES_256_CCM_8                         
 xc09d   AES256-CCM                        RSA        AESCCM      256      TLS_RSA_WITH_AES_256_CCM                           
 x3d     AES256-SHA256                     RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA256                    
 x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA                       
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256              
 xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256              
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 xc0a0   AES128-CCM8                       RSA        AESCCM8     128      TLS_RSA_WITH_AES_128_CCM_8                         
 xc09c   AES128-CCM                        RSA        AESCCM      128      TLS_RSA_WITH_AES_128_CCM                           
 x9c     AES128-GCM-SHA256                 RSA        AESGCM      128      TLS_RSA_WITH_AES_128_GCM_SHA256                    
 x3c     AES128-SHA256                     RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA256                    
 x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA                       


 Running client simulations via sockets 

 Android 4.2.2                TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Android 4.4.2                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 5.0.0                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 6.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 7.0                  TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
 Chrome 57 Win 7              TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
 Chrome 65 Win 7              TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
 Firefox 53 Win 7             TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
 Firefox 59 Win 7             TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305, 253 bit ECDH (X25519)
 IE 6 XP                      No connection
 IE 7 Vista                   TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 8 Win 7                   TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 8 XP                      No connection
 IE 11 Win 7                  TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 IE 11 Win 8.1                TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 IE 11 Win Phone 8.1          TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 IE 11 Win 10                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 13 Win 10               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 15 Win 10               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
 Opera 17 Win 7               TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 Safari 9 iOS 9               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Tor 17.0.9 Win 7             TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Java 6u45                    TLSv1.0 AES128-SHA
 Java 7u25                    TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Java 8u161                   TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 9.0.4                   TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)

 Done 2018-04-29 23:27:55 [ 158s] -->> 119.28.6.33:443 (zach.xin) <<--

 

博客名字

昨天处理CDN的时候,突然想到为啥我的博客要叫这个名字?

本质上这就是一个我的个人博客,原来名字就叫Zach’s Blog,后来转到国内换成了一个VIP域名。

转国内云服务商自然免不了要备案了,于是我在填写备案信息的时候看到了我无意中选的顶部图,一副落日的景象,遂填写了一个日暮星辰。纯属偶得。

也罢,难得人生诗酒花,醉与落日然绯霞。

DNS解析迁移回国内

最近中美贸易关系闹得挺乱,突然发现在国际政治面前,一切遮羞布都是渣渣。

为了规避中中美国际政治风险,把源CloudFlare的域名解析全部迁移回国内。

本来想换位百度DNS智能云解析 ,后来发现它只能解析已备案域名,所以没备案的就没戏了。

另外百度的DNS域名解析识别备案也出错,一个.XIN域名总是识别为没备案。于是我只放了一个域名在上面,买了个9快钱的普惠版凑合用着。百度解析没有什么特殊的功能。

 

在闲逛的时候无意发现一家新的云安全服务商,有免费的域名解析服务:上海云盾信息技术有限公司(YUNDUN) ,主要业务为云安全服务。旗下业务有安全的DNS云解析,本来以为平淡无奇,进去发现还是不错,有完善的分区解析,比DNSPOD那小气劲可算是大方多了。看其VIP服务差异不大。还是希望它能够办下去,毕竟国内靠谱的域名解析服务不多了。

回过头来想想,中兴这次事件也为我们的基础服务敲响了警钟,虽然网络无国界,自由平等开源其实很多时候还是受到政治制约的。

从这些云解析中看来,还是希望国内的云服务商都争气,完善好我们自己的网络和服务吧。截止目前,我一直在使用着阿里云、腾讯云、京东云,国外的VPS也很少用了。

使用Oneinstack实现TLS1.3部署

一直在使用OneInstack,一直为网站部署了SSL,随着TLS1.3的草案落实发布,Openssl也发布了多个草案适配的TLS1.3的OPENSSL测试版套件。本文在此提供一种方案实现部署TLS1.3实现draft 23.

1.按照OneInstack网站下载WEB运维脚本源码,解压。

2.修改根目录下versions.txt文件,修改Openssl和NGINX版本要求,目前是为了下载适用的openssl-1.1.1-pre2版本和NGINX版本

nginx_ver=1.13.11
openssl_ver=1.1.1-pre2

3.修改oneinstack源码中./include/check_download.sh文件中openssl-1.1.1-pre2下载连接,由于新版本的openssl-1.1.1-pre3和pre4版本的发布,openssl官网上的pre2的连接更新至:https://www.openssl.org/source/old/1.1.1/openssl-1.1.1-pre2.tar.gz

  echo "Download openSSL..."
  src_url=https://www.openssl.org/source/old/1.1.1/openssl-${openssl_ver}.tar.gz && Download_src

 

4.按照以上设置,按照正常的oneinstack安装程序安装会出现x25519-x86_64一个文件的编译错误,是由于在openssl-1.1.1-pre2源码中一直存在一个错误:在./crypto/ec/asm/x25519-x86_64.pl 文件中末尾存在一个变量错误,更正如下:

close STDOUT;

考虑下载的覆盖问题,我建议直接下载openssl-1.1.1-pre2源码修改完成打包文件名为openssl-1.1.1-pre2.tar.gz直接放置于oneinstack源码中./src文件夹中。安装时候才不会下载源码覆盖。

5.完成以上后可以正常安装编译。完成后新建vhost网站,修改nginx对应的conf设置:

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
  ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;

修改完成重启nginx

6.设置浏览器支持tls1.3

目前最新版 Chrome 和 Firefox 都支持 TLS 1.3,但需要手动开启:

  • Chrome,将 chrome://flags/ 中的 Maximum TLS version enabled 改为 TLS 1.3(Chrome 62 中需要将 TLS 1.3 改为 Enabled (Draft));
  • Firefox,将 about:config 中的 security.tls.version.max 改为 4

目前ssllabs和myssl两个ssl检测网站都无法识别tls1.3 draft 23,因此检测不到TLS1.3.

至此,网站已经正常启用TLS1.3

 

Cloudflare 1.1.1.1公共DNS上线Cloudflare Public DNS

什么是公共DNS

我们都知道,我们要能上网,就必须要使用DNS。这个DNS可能是你的运营商提供给你的,也可以是一些其它组织提供的,比如我们熟知的谷歌的8.8.8.8,国内114dns的114.114.114.114. 。他们负责给我们的请求提供解析服务。

不过首先要明白,公共DNS不是:
  • 不是根服务器
  • 不是权威dns托管商,不提供域名注册等服务,比如万网和DNSpod
  • 不是权威dns,不针对个别域名进行解析

公共DNS服务的特点就是服务的域名数量巨大,用户数多,同时要求具有安全性和抗攻击性,低延迟(响应快),无拦截(无广告)以及对解析成功率要求非常的高。

近期,深耕于域名解析DNS和CDN的国外知名服务商Cloudflare上线了其下的免费公共DNS服务,其与 APNIC合作推出了免费的公共DNS解析服务:

DNS解析服务IP为:

IPV4:1.1.1.1    1.0.0.1

IPV6:2001:2001:: 2001:2001:2001::

从IP都直接看来,颇具诚意。

以前国外特色的DNS公共DNS解析服务有:

GOOGLE IPV4:8.8.8.8    8.8.4.4

Quad 9 (IBM):9.9.9.9