| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - strong | TLS_ECDHE_RSA_WITH_RC4_128_SHA - strong | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA - broken | TLS_ECDH_anon_WITH_AES_128_CBC_SHA - broken | TLS_ECDH_anon_WITH_AES_256_CBC_SHA - broken | TLS_ECDH_anon_WITH_RC4_128_SHA - bro...
AES-GCM 和一些 ECDHE 相当近,而不是出现在大多数版本的 Ubuntu OpenSSL 附带或 RHEL。 新版本中,可通过命令: nmap --script ssl-cert,ssl-enum-ciphers -p 443 host_ip,到如下部分信息: |TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - strong | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - strong | TLS_E...
WITH_RC2_CBC_40_MD5 - weak | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - weak | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA256 - strong | TLS_RSA_WITH_AES_256_GCM_SHA384...
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA | Compressors (1) | uncompressed | TLSv1.1 | Ciphers (7) | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | TLS_RSA_WITH_AES_128_CBC_S...
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_...
CBC_SHA (0x0033) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005) Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x...
TLS(Transport Layer Security)传输层安全 上述这两个是为网络通信提供安全及数据完整性的一种安全协议,TLS和SSL在传输层和应用层对网络连接进行加密。 总结来说为什么要使用https: http协议是明文传输数据,存在安全问题,而https是加密传输,相当于http+ssl,并且可以防止流量劫持。
_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | compressors: | NULL | cipher preference: server | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | TLSv1.2: | ciphers: | TLS_ECDHE_...
RSA_WITH_AES_128_CBC_SHA(0x0033)Cipher Suite:TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039)Cipher Suite:TLS_RSA_WITH_AES_128_CBC_SHA(0x002f)Cipher Suite:TLS_RSA_WITH_AES_256_CBC_SHA(0x0035)Cipher Suite:TLS_RSA_WITH_3DES_EDE_CBC_SHA(0x000a)Compression Methods Length:1CompressionMethods(...
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;ssl_ciphers TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:WEAK112TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:FS256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA- ssl_prefer_server_ciphers on;location / { proxy_pass ht...