Scribd
Upload
36 views

Ciphers Withciphers Scan Tool

The document summarizes the ciphers used by four different systems in a network: 1. The master transmitter uses TLS 1.2 and strong encryption ciphers like ECDHE-RSA with AES256 and AES128. 2. The mirror transmitter has the same configuration as the master transmitter. 3. The CMS also relies on TLS 1.2 and modern encryption ciphers. 4. The reverse proxy follows a similar configuration to the other systems, using TLS 1.2 and strong encryption.

Uploaded by

rutikakamble87
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
36 views

Ciphers Withciphers Scan Tool

The document summarizes the ciphers used by four different systems in a network: 1. The master transmitter uses TLS 1.2 and strong encryption ciphers like ECDHE-RSA with AES256 and AES128. 2. The mirror transmitter has the same configuration as the master transmitter. 3. The CMS also relies on TLS 1.2 and modern encryption ciphers. 4. The reverse proxy follows a similar configuration to the other systems, using TLS 1.2 and strong encryption.

Uploaded by

rutikakamble87
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

Following ciphers are being used:

1. MASTER TRANSMITTER

[madmin@hipunlmar38 cipherscan]$ ./cipherscan hipunwcmar04.ad.harman.com:5283


.......................................
Target: hipunwcmar04.ad.harman.com:5283

prio ciphersuite protocols pfs curves


1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
2 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
3 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
4 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits None
5 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits None
6 DHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits None
7 AES256-GCM-SHA384 TLSv1.2 None None
8 AES256-SHA256 TLSv1.2 None None
9 AES256-SHA TLSv1,TLSv1.1,TLSv1.2 None None
10 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
11 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
12 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
13 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits None
14 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits None
15 DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits None
16 AES128-GCM-SHA256 TLSv1.2 None None
17 AES128-SHA256 TLSv1.2 None None
18 AES128-SHA TLSv1,TLSv1.1,TLSv1.2 None None

Certificate: trusted, 2048 bits, sha256WithRSAEncryption signature


TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: client
Curves ordering: client - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes

Intolerance to:
SSL 3.254 : absent
TLS 1.0 : absent
TLS 1.1 : absent
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent

2. MIRROR TRANSMITTER

[madmin@hipunlmar38 cipherscan]$ ./cipherscan inphwsmar02.ad.harman.com:5283

........................................
Target: inphwsmar02.ad.harman.com:5283

prio ciphersuite protocols pfs curves


1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
2 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
3 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
4 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits None
5 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits None
6 DHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits None
7 AES256-GCM-SHA384 TLSv1.2 None None
8 AES256-SHA256 TLSv1.2 None None
9 AES256-SHA TLSv1,TLSv1.1,TLSv1.2 None None
10 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
11 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
12 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
13 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits None
14 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits None
15 DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits None
16 AES128-GCM-SHA256 TLSv1.2 None None
17 AES128-SHA256 TLSv1.2 None None
18 AES128-SHA TLSv1,TLSv1.1,TLSv1.2 None None

Certificate: trusted, 2048 bits, sha256WithRSAEncryption signature


TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: client
Curves ordering: client - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes

Intolerance to:
SSL 3.254 : absent
TLS 1.0 : absent
TLS 1.1 : absent
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent

3. CMS

[madmin@hipunlmar38 cipherscan]$ ./cipherscan hipunwcmar04.ad.harman.com:8888


........................................
Target: hipunwcmar04.ad.harman.com:8888

prio ciphersuite protocols pfs curves


1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
2 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
3 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
4 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits None
5 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits None
6 DHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits None
7 AES256-GCM-SHA384 TLSv1.2 None None
8 AES256-SHA256 TLSv1.2 None None
9 AES256-SHA TLSv1,TLSv1.1,TLSv1.2 None None
10 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
11 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
12 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
13 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits None
14 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits None
15 DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits None
16 AES128-GCM-SHA256 TLSv1.2 None None
17 AES128-SHA256 TLSv1.2 None None
18 AES128-SHA TLSv1,TLSv1.1,TLSv1.2 None None

Certificate: trusted, 2048 bits, sha256WithRSAEncryption signature


TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: client
Curves ordering: client - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes

Intolerance to:
SSL 3.254 : absent
TLS 1.0 : absent
TLS 1.1 : absent
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent

4. REVERSE PROXY

[madmin@hipunlmar38 cipherscan]$ ./cipherscan inphwsmar05.ad.harman.com:8584


........................................
Target: inphwsmar05.ad.harman.com:8584

prio ciphersuite protocols pfs curves


1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
2 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
3 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
4 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits None
5 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits None
6 DHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits None
7 AES256-GCM-SHA384 TLSv1.2 None None
8 AES256-SHA256 TLSv1.2 None None
9 AES256-SHA TLSv1,TLSv1.1,TLSv1.2 None None
10 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
11 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
12 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits prime256v1,secp384r1,secp521r1
13 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits None
14 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits None
15 DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits None
16 AES128-GCM-SHA256 TLSv1.2 None None
17 AES128-SHA256 TLSv1.2 None None
18 AES128-SHA TLSv1,TLSv1.1,TLSv1.2 None None

Certificate: trusted, 4096 bits, sha256WithRSAEncryption signature


TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: client
Curves ordering: client - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes

Intolerance to:
SSL 3.254 : absent
TLS 1.0 : absent
TLS 1.1 : absent
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent

You might also like