• Forums
    • Public Forums
      • Community Connect
      • Dynatrace
        • Dynatrace Open Q&A
      • Application Monitoring & UEM
        • AppMon & UEM Open Q&A
      • Network Application Monitoring
        • NAM Open Q&A
        • Enterprise Synthetic Monitoring
      • Synthetic Classic
        • Synthetic Classic Open Q&A
      • BSM Open Q&A
  • Home /
  • Public Forums /
  • Network Application Monitoring /
  • NAM Open Q&A /
avatar image
Question by Thomas H. · Nov 12, 2014 at 02:21 PM ·

Encryption detection - Doodle

One of our customers ask if we can detect what encryption that have been used (SSL3/TLS1.0/TLS1.1 etc)

They would like to see this because of the POODLE SSLv3 Vulnerability and be able to report on it.

 

/Thomas

Comment

People who like this

0 Show 0
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

4 Replies

· Add your reply
  • Sort: 
  • Most voted
  • Newest
  • Oldest
avatar image

Answer by Ulf T. · Nov 12, 2014 at 03:13 PM

Hi Thomas

As i know, there are no automatic way of getting insight into what version of SSL is being used.

However - RCON there is a number of things you could pursue, such as turning on the logging of all SSL SHOW SSLDECR LOGLEVEL

I don't have a SSL log at hand so I'm not 100% sure of what will be listed in there but it's a start. There are also some other things you could look into by using the fantastic RCON GUI (tongue) SSL-Related rcon Commands 

Comment

People who like this

0 Show 0 · Share
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image

Answer by Adam P. · Nov 12, 2014 at 10:22 PM

Thomas,

Use rcmd show ssldecr status command, the usage is:

SHOW SSLDECR STATUS HELP - display this help message
SHOW SSLDECR STATUS - show aggregated information about SSL decryption status
SHOW SSLDECR STATUS * - show general information about SSL decryption status for all servers
SHOW SSLDECR STATUS ip_addr - show general information about SSL decryption status filtered by IP address
SHOW SSLDECR STATUS ip_addr port - show general information about SSL decryption status for one IP address and port number

The output should be simialr to:

SSL protocol version breakdown per number of sessions:
supported versions: ssl3.0=1003270 tls1.0=1351368 tls1.1=9287 tls1.2=39268
unsupported versions: ssl2.0=34 other versions=0 no version info=2490279

Comment

People who like this

0 Show 1 · Share
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Adam P. &. · Nov 13, 2014 at 01:08 AM 0
Share

Thomas,

If you would need help parsing the output of:

SHOW SSLDECR STATUS *

command, please let us know.

avatar image

Answer by Ulf T. · Nov 12, 2014 at 10:33 PM

Is there a way to see what IP is realted to what SSL?

I think what Thomas is fishing for is a list of all IP addresses that use SSL3.

Comment

People who like this

0 Show 1 · Share
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Adam P. &. · Nov 13, 2014 at 01:07 AM 0
Share

Yes, using:

SHOW SSLDECR STATUS *

command it prints out SSL stats (that mentioned SSL protocol version breakdown per number of sessions is a part of) for each monitored SSL server.

avatar image

Answer by Thomas H. · Nov 14, 2014 at 01:26 AM

Thanks Adam, that was exactly what they where looking for

/Thomas

Comment

People who like this

0 Show 0 · Share
10 |2000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Your answer

Hint: You can notify a user about this post by typing @username

Up to 10 attachments (including images) can be used with a maximum of 52.4 MB each and 262.1 MB total.

Welcome to the
Dynatrace Community Forums

Check out the Forum User Guide and Forum Guidelines to learn how to get started.

EMEA Community Member of the Month - November 2018

Announcing Dynatrace's EMEA Community Member of the Month for November 2018, Mathieu C.! Click here to read more!

LATAM Community Member of the Month - November 2018

Announcing Dynatrace's LATAM Community Member of the Month for November 2018, Rene S.! Click here to read more!

Follow this Question

Answers Answers and Comments

2 People are following this question.

avatar image avatar image

Forum Tags

scripting nam server upgrade nam dna reports universal decode esm wan nam console ads rest api configuration mobileapp nam probe license dashboard sequence transactions sap citrix alerting mq css siebel
  • Forums
  • Public Forums
    • Community Connect
    • Dynatrace
      • Dynatrace Open Q&A
    • Application Monitoring & UEM
      • AppMon & UEM Open Q&A
    • Network Application Monitoring
      • NAM Open Q&A
      • Enterprise Synthetic Monitoring
    • Synthetic Classic
      • Synthetic Classic Open Q&A
    • BSM Open Q&A