1
00:00:00,270 --> 00:00:05,490
Another option that we can use for open source intelligence is SSL labs, dot com, and what this is

2
00:00:05,490 --> 00:00:10,280
going to do is a tool that has the server to see if the SSL settings are set correctly.

3
00:00:10,500 --> 00:00:17,190
So you like, for example, if a website is still accepting SSL 3.0 or atleast one point, one point

4
00:00:17,190 --> 00:00:22,380
one, it's going to be able to tell you that which is very useful, something that your clients might

5
00:00:22,380 --> 00:00:29,310
want to know when you're on a penetration test, because using vulnerable SSL or TLR settings could

6
00:00:29,310 --> 00:00:32,610
be potentially an issue and cause stuff in the middle of sextape.

7
00:00:32,730 --> 00:00:39,240
This is the SSL Labs dot com website, so we can go ahead and actually click on test server as our other

8
00:00:39,240 --> 00:00:40,710
functions to obviously.

9
00:00:40,860 --> 00:00:42,480
But let's go ahead and see.

10
00:00:42,480 --> 00:00:43,650
Let's try my Web site.

11
00:00:43,680 --> 00:00:49,690
They need timber's dot com and let's see what the results, what the results are.

12
00:00:49,950 --> 00:00:56,980
So testing different SSL settings into settings and looking at my certificates and such and pretty much

13
00:00:57,000 --> 00:00:59,490
trying to figure out what's going on.

14
00:01:00,060 --> 00:01:01,110
And it's going to give us results.

15
00:01:01,110 --> 00:01:02,870
So it might take like a couple of minutes.

16
00:01:02,870 --> 00:01:06,540
So let's just wait and then we'll go ahead and come back and look at the results.

17
00:01:06,570 --> 00:01:09,690
We have our results that are results for Anthony Timber's dot com.

18
00:01:09,690 --> 00:01:11,460
We got to be a solid B..

19
00:01:11,460 --> 00:01:14,070
I didn't I wasn't mad at bees when I got those in college.

20
00:01:14,070 --> 00:01:14,370
All right.

21
00:01:14,550 --> 00:01:15,540
I was very happy.

22
00:01:16,020 --> 00:01:17,940
My cert very well.

23
00:01:17,940 --> 00:01:24,870
We support TEALS one point three, but we need to actually go and disable maybe two, one point zero

24
00:01:24,870 --> 00:01:29,280
and one point one, because those have actually been proven recently to be vulnerable.

25
00:01:29,280 --> 00:01:31,980
So that's something that needs to go B needs to be changed.

26
00:01:32,250 --> 00:01:35,550
And don't worry, by the time this course is published, it will be changed from network, gives you

27
00:01:35,550 --> 00:01:40,110
information about like certificates and such a lot of different things.

28
00:01:40,110 --> 00:01:43,950
And unless you know how long how long things are valid.

29
00:01:43,950 --> 00:01:47,240
So let's see, this needs to be updated.

30
00:01:47,250 --> 00:01:51,600
So a lot of stuff in here is very, very useful information.

31
00:01:51,600 --> 00:01:54,390
So maybe this needs to stop being supported.

32
00:01:54,390 --> 00:01:58,470
I mean, the only support, you know, specific ciphers and everything.

33
00:01:58,470 --> 00:02:04,620
So it's pretty useful information, especially if you're really conducting an external assessment.

34
00:02:04,620 --> 00:02:05,790
You need to gather information.