• Forums
    • Public Forums
      • Community Connect
      • Dynatrace SaaS & Managed
        • Dynatrace SaaS & Managed Open Q&A
      • Application Monitoring & UEM
        • AppMon & UEM Free Trial
        • AppMon & UEM Open Q&A
        • AppMon & UEM Plugins
      • Data Center RUM
        • DC RUM Open Q&A
        • Enterprise Synthetic Monitoring
      • Dynatrace Synthetic Monitoring
        • Dynatrace Synthetic Open Q&A
        • Dynatrace Synthetic EAP Feedback
      • Keynote Synthetic Monitoring
        • Keynote Synthetic Open Q&A
        • Keynote Synthetic EAP Feedback
      • BSM Open Q&A
      • Dynatrace Open Q&A en Español
  • Home /
  • Public Forums /
  • Data Center RUM /
  • DC RUM Open Q&A /
avatar image
Question by Thomas H. · Nov 12, 2014 at 02:21 PM ·

Encryption detection - Doodle

One of our customers ask if we can detect what encryption that have been used (SSL3/TLS1.0/TLS1.1 etc)

They would like to see this because of the POODLE SSLv3 Vulnerability and be able to report on it.

 

/Thomas

Comment

People who like this

0 Show 0
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

4 Replies

· Add your reply
  • Sort: 
  • Most voted
  • Newest
  • Oldest
avatar image

Answer by Ulf T. · Nov 12, 2014 at 03:13 PM

Hi Thomas

As i know, there are no automatic way of getting insight into what version of SSL is being used.

However - RCON there is a number of things you could pursue, such as turning on the logging of all SSL SHOW SSLDECR LOGLEVEL

I don't have a SSL log at hand so I'm not 100% sure of what will be listed in there but it's a start. There are also some other things you could look into by using the fantastic RCON GUI (tongue) SSL-Related rcon Commands 

Comment

People who like this

0 Show 0 · Share
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image

Answer by Adam P. · Nov 12, 2014 at 10:22 PM

Thomas,

Use rcmd show ssldecr status command, the usage is:

SHOW SSLDECR STATUS HELP - display this help message
SHOW SSLDECR STATUS - show aggregated information about SSL decryption status
SHOW SSLDECR STATUS * - show general information about SSL decryption status for all servers
SHOW SSLDECR STATUS ip_addr - show general information about SSL decryption status filtered by IP address
SHOW SSLDECR STATUS ip_addr port - show general information about SSL decryption status for one IP address and port number

The output should be simialr to:

SSL protocol version breakdown per number of sessions:
supported versions: ssl3.0=1003270 tls1.0=1351368 tls1.1=9287 tls1.2=39268
unsupported versions: ssl2.0=34 other versions=0 no version info=2490279

Comment

People who like this

0 Show 1 · Share
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Adam P. &. · Nov 13, 2014 at 01:08 AM 0
Share

Thomas,

If you would need help parsing the output of:

SHOW SSLDECR STATUS *

command, please let us know.

avatar image

Answer by Ulf T. · Nov 12, 2014 at 10:33 PM

Is there a way to see what IP is realted to what SSL?

I think what Thomas is fishing for is a list of all IP addresses that use SSL3.

Comment

People who like this

0 Show 1 · Share
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Adam P. &. · Nov 13, 2014 at 01:07 AM 0
Share

Yes, using:

SHOW SSLDECR STATUS *

command it prints out SSL stats (that mentioned SSL protocol version breakdown per number of sessions is a part of) for each monitored SSL server.

avatar image

Answer by Thomas H. · Nov 14, 2014 at 01:26 AM

Thanks Adam, that was exactly what they where looking for

/Thomas

Comment

People who like this

0 Show 0 · Share
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Your answer

Hint: You can notify a user about this post by typing @username

Up to 5 attachments (including images) can be used with a maximum of 52.4 MB each and 262.1 MB total.

Welcome the
Dynatrace Community Forums

Check out the Forum User Guide and Forum Guidelines to learn how to get started.

Community Member of the Month
September 2017

Announcing Dynatrace's Community Member of the Month for September 2017, Tarun A.! Click here to read more!

Follow this Question

Answers Answers and Comments

2 People are following this question.

avatar image avatar image

Forum Tags

known issue universal decode rum console mobileapp data delay data retention oracle export data metrics dmi all other operations sites url learning smtp monitoring sequence transactions virtualization dc rum splunk sso task scheduling http citrix operation amd reporting trace good to know sniffing point diagnostics url aging installation currency licensing sending reports gomez 12.4 xml ssl decryption community corba failover http express tcam snc voip community awards dna span ports reports buc data export high speed amd transaction tds user aggregation best practices hardware ads ssl configuration security rest api high five award operational attributes netflow css web soap data processing appflow 17.0 sap esm cba amd restarts redhat autodiscovery rcon dcrum data validation integration bmc web performance monitoring rtmgate sql smb migration 12.3 mq snmp oracle applications rtmjob capacity jolt iiop user recognition url monitoring regex ahs cas exchange performance byte 12.4.10 tips and tricks dashboard cluster bulk insert hierarchy cas benchmark tool baselines data access 12.2 parameters traps mssql oracle forms scalability rhel7 software services documentation alerting dc rum extensions administration
  • Forums
  • Public Forums
    • Community Connect
    • Dynatrace SaaS & Managed
      • Dynatrace SaaS & Managed Open Q&A
    • Application Monitoring & UEM
      • AppMon & UEM Free Trial
      • AppMon & UEM Open Q&A
      • AppMon & UEM Plugins
    • Data Center RUM
      • DC RUM Open Q&A
      • Enterprise Synthetic Monitoring
    • Dynatrace Synthetic Monitoring
      • Dynatrace Synthetic Open Q&A
      • Dynatrace Synthetic EAP Feedback
    • Keynote Synthetic Monitoring
      • Keynote Synthetic Open Q&A
      • Keynote Synthetic EAP Feedback
    • BSM Open Q&A
    • Dynatrace Open Q&A en Español