LinuxQuestions.org


Doknik 12-09-2011 06:07 AM

How do I find SSL enabled ports or SSL instances
 
Hi,
I am trying to do an audit of SSL enabled ports/services running on our Linux RHEL 5.3 servers.
I am trying to find which ports on our servers are SSL enabled. I am not sure how to find this. I need to know how to check which ports are using SSL enabled services.

I have run the commands below:

lsof -i -n -P
netstat -ntulp
netstat -nap

but from the outputs of these I am not sure how to determine which ports are running SSL. I am not sure what to look for.

Any help please. I am aware of the SSLscan utility, but when I run it, it doesn't return any values and spits out an error ... could not open a connection to host 127.0.0.1 on port 443

SSLscan seems to work in our Windows environment without any errors, but not on Linux. I am also aware of nmap but cannot use it in our environment for security reasons.

Help please

lithos 12-10-2011 03:29 AM

Paste your outputs of
Code:

lsof -i -n -P
netstat -ntulp
netstat -nap

I'm sure someone will explain everything to you.

Code:

root@~#>netstat -tapln
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      5676/mysqld
tcp        0      0 0.0.0.0:139                 0.0.0.0:*                   LISTEN      2253/smbd
tcp        0      0 0.0.0.0:844                 0.0.0.0:*                   LISTEN      1934/rpc.statd
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1902/portmap
tcp        0      0 192.168.0.7:53              0.0.0.0:*                   LISTEN      26994/named
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      26994/named
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      2062/vsftpd
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      30967/master
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      26994/named
tcp        0      0 0.0.0.0:445                 0.0.0.0:*                   LISTEN      2253/smbd
tcp        0      0 192.168.0.7:139             192.168.0.18:4111           ESTABLISHED 26697/smbd
tcp        0      0 :::33                       :::*                        LISTEN      2046/sshd
tcp        0      0 :::80                       :::*                        LISTEN      2948/httpd
tcp        0      0 :::25                       :::*                        LISTEN      30967/master
tcp        0      0 :::443                      :::*                        LISTEN      2948/httpd

See, as ROOT you get the last column with the name of the service running... so look at port 443 (SSL http connection) :-)
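
An added example, not part of either post above: a local check that takes the listeners from netstat output like the one posted and attempts a TLS handshake against each with openssl s_client, so no port scanner is needed. The function names, the `--live` switch and the loopback mapping for wildcard binds are assumptions of this sketch, and it relies on `timeout` and `openssl` being installed.

```bash
#!/usr/bin/env bash
# Added example: find TCP listeners in netstat output, then test each for TLS.

# Constructed sample, abbreviated from the netstat -tapln output in the thread.
SAMPLE='tcp  0  0 0.0.0.0:3306     0.0.0.0:*          LISTEN      5676/mysqld
tcp  0  0 192.168.0.7:53   0.0.0.0:*          LISTEN      26994/named
tcp  0  0 127.0.0.1:53     0.0.0.0:*          LISTEN      26994/named
tcp  0  0 192.168.0.7:139  192.168.0.18:4111  ESTABLISHED 26697/smbd
tcp  0  0 :::80            :::*               LISTEN      2948/httpd
tcp  0  0 :::443           :::*               LISTEN      2948/httpd'

# Read netstat output on stdin; print "host port program" per LISTEN socket.
# Assumption: wildcard binds (0.0.0.0, ::) are reachable through 127.0.0.1.
listeners() {
  awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
    n = split($4, a, ":"); port = a[n]
    host = substr($4, 1, length($4) - length(port) - 1)
    if (host == "0.0.0.0" || host == "::") host = "127.0.0.1"
    prog = $7; sub(/^[0-9]+\//, "", prog)
    print host, port, prog
  }' | sort -u
}

# Succeed if a direct TLS handshake on host:port returns a server certificate.
tls_speaks() {
  timeout 5 openssl s_client -connect "$1:$2" </dev/null 2>/dev/null |
    grep -q 'BEGIN CERTIFICATE'
}

# Label every listener read from stdin as TLS or no-TLS.
audit() {
  while read -r host port prog; do
    if tls_speaks "$host" "$port"; then state=TLS; else state=no-TLS; fi
    printf '%-15s %-6s %-12s %s\n' "$host" "$port" "$prog" "$state"
  done
}

# Live run on the server being audited (root fills in the program column).
if [ "${1:-}" = "--live" ]; then
  netstat -tapln | listeners | audit
fi
```

Services that only upgrade to TLS inside their own protocol, such as SMTP on port 25 or FTP on port 21 in the output above, are reported as no-TLS by a direct handshake; openssl s_client has a `-starttls` option for those.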

