1 00:00:00,270 --> 00:00:05,490 Another option that we can use for open source intelligence is SSL labs, dot com, and what this is 2 00:00:05,490 --> 00:00:10,280 going to do is a tool that has the server to see if the SSL settings are set correctly. 3 00:00:10,500 --> 00:00:17,190 So you like, for example, if a website is still accepting SSL 3.0 or atleast one point, one point 4 00:00:17,190 --> 00:00:22,380 one, it's going to be able to tell you that which is very useful, something that your clients might 5 00:00:22,380 --> 00:00:29,310 want to know when you're on a penetration test, because using vulnerable SSL or TLR settings could 6 00:00:29,310 --> 00:00:32,610 be potentially an issue and cause stuff in the middle of sextape. 7 00:00:32,730 --> 00:00:39,240 This is the SSL Labs dot com website, so we can go ahead and actually click on test server as our other 8 00:00:39,240 --> 00:00:40,710 functions to obviously. 9 00:00:40,860 --> 00:00:42,480 But let's go ahead and see. 10 00:00:42,480 --> 00:00:43,650 Let's try my Web site. 11 00:00:43,680 --> 00:00:49,690 They need timber's dot com and let's see what the results, what the results are. 12 00:00:49,950 --> 00:00:56,980 So testing different SSL settings into settings and looking at my certificates and such and pretty much 13 00:00:57,000 --> 00:00:59,490 trying to figure out what's going on. 14 00:01:00,060 --> 00:01:01,110 And it's going to give us results. 15 00:01:01,110 --> 00:01:02,870 So it might take like a couple of minutes. 16 00:01:02,870 --> 00:01:06,540 So let's just wait and then we'll go ahead and come back and look at the results. 17 00:01:06,570 --> 00:01:09,690 We have our results that are results for Anthony Timber's dot com. 18 00:01:09,690 --> 00:01:11,460 We got to be a solid B.. 19 00:01:11,460 --> 00:01:14,070 I didn't I wasn't mad at bees when I got those in college. 20 00:01:14,070 --> 00:01:14,370 All right. 21 00:01:14,550 --> 00:01:15,540 I was very happy. 22 00:01:16,020 --> 00:01:17,940 My cert very well. 23 00:01:17,940 --> 00:01:24,870 We support TEALS one point three, but we need to actually go and disable maybe two, one point zero 24 00:01:24,870 --> 00:01:29,280 and one point one, because those have actually been proven recently to be vulnerable. 25 00:01:29,280 --> 00:01:31,980 So that's something that needs to go B needs to be changed. 26 00:01:32,250 --> 00:01:35,550 And don't worry, by the time this course is published, it will be changed from network, gives you 27 00:01:35,550 --> 00:01:40,110 information about like certificates and such a lot of different things. 28 00:01:40,110 --> 00:01:43,950 And unless you know how long how long things are valid. 29 00:01:43,950 --> 00:01:47,240 So let's see, this needs to be updated. 30 00:01:47,250 --> 00:01:51,600 So a lot of stuff in here is very, very useful information. 31 00:01:51,600 --> 00:01:54,390 So maybe this needs to stop being supported. 32 00:01:54,390 --> 00:01:58,470 I mean, the only support, you know, specific ciphers and everything. 33 00:01:58,470 --> 00:02:04,620 So it's pretty useful information, especially if you're really conducting an external assessment. 34 00:02:04,620 --> 00:02:05,790 You need to gather information.