Crypto Service Audit by Cryptosense

is the overall score for

clientondersteuningplus.nl

Crypto on this site is safe for legacy use, but is not up to date with the NIST standard.

Note: The overall score is calculated based on the lowest score achieved by any of the machines scanned.

Machines Scanned

B	clientondersteuningplus.nl	185.37.70.68	2023-03-24 09:16:30 UTC
-	localhost.clientondersteuningplus.nl	127.0.0.1	excluded
-	pop.clientondersteuningplus.nl	5.157.84.75	2023-03-24 09:16:30 UTC

Crypto Services Discovered

In the next pages, we list all of the machines detected. For each machine, we list the cryptographic services found. For each service, we give the reasons behind the grading and, if applicable, instructions on how to fix it.

clientondersteuningplus.nl

IP address	185.37.70.68
Last scan	2023-03-24 09:16:30 UTC

TLS FTP (port 21)

Rules applicable 4

A	A^!	B	C	D	F
3	0	1	0	0	0

TLS HTTP (port 443)

Rules applicable 4

A	A^!	B	C	D	F
3	0	1	0	0	0

TLS SMTP (port 465)

Rules applicable 4

A	A^!	B	C	D	F
3	0	1	0	0	0

TLS SMTP (port 587)

Rules applicable 4

A	A^!	B	C	D	F
3	0	1	0	0	0

TLS (port 21 – FTP)

Scan details

Versions	TLS 1.2
Ciphers	`TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2 `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2
Cipher order	Server
Compression	`NULL` TLS 1.2
Certificate key	RSA 2048-bit test this key
Hash algorithm	SHA-256
Diffie-Hellman	Group (custom, 2048-bit): 0xe27b2cd5c91f4abc877173aa6c5a968ae793003c2a16af4cdd7b30433409c3eabb6d8192a40cf75465d8db33de04ea22c8251f20d67fc699fc50306a887636d8e2142cde39f5b128da68a0d285c823759b8dd5c4bf7f09ed9af5e5b0ab03cd8ddfc8fe2434a28f7e7af188ef9ce3f89a457c335f99aa9234690c66461df17181ecb075fa51b9c8e713f8fbf68984191fd4f78f26d6aaacb37a6f82d3850359a4583bab20edf23923d8edafd54565d87d7be524ec743e0b412124c53d9b6ad26db1f8e390e0e0dc8a8c8642ebfee31e306c67dd7e39ef3ef12f9f3489834671029f59eeb2362231c392129a1c176c351f680ad6f9f79dd940d724b47dcaae9b63 Generator: 0x2
Certificate start date	2023-01-23 07:19:52 UTC
Certificate expiration date	2023-04-23 07:19:51 UTC
Certificate serial number	264366351351156481945398639105837848593324
Certificate issuer	CN=R3,O=Let's Encrypt,C=US
Certificate subject	CN=server097.yourhosting.nl
Certificate SANs	`server097.yourhosting.nl`

Trigger	The server uses a 2048-bit Diffie-Hellman group.
Context	Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy. NIST recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (NIST SP 800-57, Part 1, Rev. 3).

Trigger

The server uses a 2048-bit Diffie-Hellman group.

Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

NIST recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (NIST SP 800-57, Part 1, Rev. 3).

TLS (port 443 – HTTP)

Scan details

Versions	TLS 1.2
Ciphers	`TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2 `TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2
Cipher order	Server
Compression	`NULL` TLS 1.2
Certificate key	RSA 2048-bit test this key
Hash algorithm	SHA-256
Diffie-Hellman	Group (custom, 2048-bit): 0xe27b2cd5c91f4abc877173aa6c5a968ae793003c2a16af4cdd7b30433409c3eabb6d8192a40cf75465d8db33de04ea22c8251f20d67fc699fc50306a887636d8e2142cde39f5b128da68a0d285c823759b8dd5c4bf7f09ed9af5e5b0ab03cd8ddfc8fe2434a28f7e7af188ef9ce3f89a457c335f99aa9234690c66461df17181ecb075fa51b9c8e713f8fbf68984191fd4f78f26d6aaacb37a6f82d3850359a4583bab20edf23923d8edafd54565d87d7be524ec743e0b412124c53d9b6ad26db1f8e390e0e0dc8a8c8642ebfee31e306c67dd7e39ef3ef12f9f3489834671029f59eeb2362231c392129a1c176c351f680ad6f9f79dd940d724b47dcaae9b63 Generator: 0x2
Certificate start date	2023-02-13 08:19:38 UTC
Certificate expiration date	2023-05-14 08:19:37 UTC
Certificate serial number	305863876524005035082983644644251009619857
Certificate issuer	CN=R3,O=Let's Encrypt,C=US
Certificate subject	CN=clientondersteuningplus.nl
Certificate SANs	`clientondersteuningplus.nl` `www.clientondersteuningplus.nl`

Trigger	The server uses a 2048-bit Diffie-Hellman group.
Context	Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy. NIST recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (NIST SP 800-57, Part 1, Rev. 3).

Trigger

The server uses a 2048-bit Diffie-Hellman group.

Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

NIST recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (NIST SP 800-57, Part 1, Rev. 3).

TLS (port 465 – SMTP)

Scan details

Versions	TLS 1.2
Ciphers	`TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2
Cipher order	Client
Compression	`NULL` TLS 1.2
Certificate key	RSA 2048-bit test this key
Hash algorithm	SHA-256
Diffie-Hellman	Group (custom, 2048-bit): 0xe27b2cd5c91f4abc877173aa6c5a968ae793003c2a16af4cdd7b30433409c3eabb6d8192a40cf75465d8db33de04ea22c8251f20d67fc699fc50306a887636d8e2142cde39f5b128da68a0d285c823759b8dd5c4bf7f09ed9af5e5b0ab03cd8ddfc8fe2434a28f7e7af188ef9ce3f89a457c335f99aa9234690c66461df17181ecb075fa51b9c8e713f8fbf68984191fd4f78f26d6aaacb37a6f82d3850359a4583bab20edf23923d8edafd54565d87d7be524ec743e0b412124c53d9b6ad26db1f8e390e0e0dc8a8c8642ebfee31e306c67dd7e39ef3ef12f9f3489834671029f59eeb2362231c392129a1c176c351f680ad6f9f79dd940d724b47dcaae9b63 Generator: 0x2
Certificate start date	2023-01-23 07:19:52 UTC
Certificate expiration date	2023-04-23 07:19:51 UTC
Certificate serial number	264366351351156481945398639105837848593324
Certificate issuer	CN=R3,O=Let's Encrypt,C=US
Certificate subject	CN=server097.yourhosting.nl
Certificate SANs	`server097.yourhosting.nl`

Trigger	The server uses a 2048-bit Diffie-Hellman group.
Context	Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy. NIST recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (NIST SP 800-57, Part 1, Rev. 3).

Trigger

The server uses a 2048-bit Diffie-Hellman group.

Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

NIST recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (NIST SP 800-57, Part 1, Rev. 3).

TLS (port 587 – SMTP)

Scan details

Versions	TLS 1.2
Ciphers	`TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2
Cipher order	Client
Compression	`NULL` TLS 1.2
Certificate key	RSA 2048-bit test this key
Hash algorithm	SHA-256
Diffie-Hellman	Group (custom, 2048-bit): 0xe27b2cd5c91f4abc877173aa6c5a968ae793003c2a16af4cdd7b30433409c3eabb6d8192a40cf75465d8db33de04ea22c8251f20d67fc699fc50306a887636d8e2142cde39f5b128da68a0d285c823759b8dd5c4bf7f09ed9af5e5b0ab03cd8ddfc8fe2434a28f7e7af188ef9ce3f89a457c335f99aa9234690c66461df17181ecb075fa51b9c8e713f8fbf68984191fd4f78f26d6aaacb37a6f82d3850359a4583bab20edf23923d8edafd54565d87d7be524ec743e0b412124c53d9b6ad26db1f8e390e0e0dc8a8c8642ebfee31e306c67dd7e39ef3ef12f9f3489834671029f59eeb2362231c392129a1c176c351f680ad6f9f79dd940d724b47dcaae9b63 Generator: 0x2
Certificate start date	2023-01-23 07:19:52 UTC
Certificate expiration date	2023-04-23 07:19:51 UTC
Certificate serial number	264366351351156481945398639105837848593324
Certificate issuer	CN=R3,O=Let's Encrypt,C=US
Certificate subject	CN=server097.yourhosting.nl
Certificate SANs	`server097.yourhosting.nl`

Trigger	The server uses a 2048-bit Diffie-Hellman group.
Context	Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy. NIST recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (NIST SP 800-57, Part 1, Rev. 3).

Trigger

The server uses a 2048-bit Diffie-Hellman group.

Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

NIST recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (NIST SP 800-57, Part 1, Rev. 3).

localhost.clientondersteuningplus.nl

IP address	127.0.0.1
Last scan	excluded

This machine is excluded.

pop.clientondersteuningplus.nl

IP address	5.157.84.75
Last scan	2023-03-24 09:16:30 UTC

No service that could be analyzed detected on this machine.

Crypto Service Audit by Cryptosense

Machines Scanned

Crypto Services Discovered

clientondersteuningplus.nl

TLS (port 21 – FTP)

Scan details

Warnings

TLS (port 443 – HTTP)

Scan details

Warnings

TLS (port 465 – SMTP)

Scan details

Warnings

TLS (port 587 – SMTP)

Scan details

Warnings

localhost.clientondersteuningplus.nl

pop.clientondersteuningplus.nl