Choose a standard

These results have been calculated using the following standard:

Export

B
is the overall score for
gsc-game.com

Crypto on this site is safe for legacy use, but is not up to date with the ECRYPT standard.

Note: The overall score is calculated based on the lowest score achieved by any of the machines scanned.

Machines Scanned

B
gsc-game.com 5.9.10.49 2020-01-20 11:50:53 UTC
You must be logged in to monitor hosts.
B
mail.gsc-game.com 5.9.10.59 2020-01-20 11:50:53 UTC
You must be logged in to monitor hosts.
down arrow

Crypto Services Discovered

Below we list all of the machines detected. For each machine, we list the cryptographic services found. For each service, we give the reasons behind the grading. To see the full details of the cryptography offered by a service, click on "show details".

gsc-game.com

IP address 5.9.10.49
Last scan 2020-01-20 11:50:53 UTC
TLS SMTP (port 25)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS POP3 (port 110)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS IMAP (port 143)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS HTTP (port 443)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS SMTP (port 465)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS SMTP (port 587)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS IMAP (port 993)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS POP3 (port 995)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0

TLS (port 25 – SMTP)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (2048-bit MODP from RFC 5114): 0xad107e1e9123a9d0d660faa79559c51fa20d64e5683b9fd1b54b1597b61d0a75e6fa141df95a56dbaf9a3c407ba1df15eb3d688a309c180e1de6b85a1274a0a66d3f8152ad6ac2129037c9edefda4df8d91e8fef55b7394b7ad5b7d0b6c12207c9f98d11ed34dbf6c6ba0b2c8bbc27be6a00e0a0b9c49708b3bf8a317091883681286130bc8985db1602e714415d9330278273c7de31efdc7310f7121fd5a07415987d9adc0a486dcdf93acc44328387315d75e198c641a480cd86a1b9e587e8be60e69cc928b2b9c52172e413042e9b23f10b0e16e79763c9b53dcf4ba80a29e3fb73c16b8e75b97ef363e2ffa31f71cf9de5384e71b81c0ac4dffe0c10e64f
  • Generator: 0xac4032ef4f2d9ae39df30b5c8ffdac506cdebe7b89998caf74866a08cfe4ffe3a6824a4e10b9a6f0dd921f01a70c4afaab739d7700c29f52c57db17c620a8652be5e9001a8d66ad7c17669101999024af4d027275ac1348bb8a762d0521bc98ae247150422ea1ed409939d54da7460cdb5f6c6b250717cbef180eb34118e98d119529a45d6f834566e3025e316a330efbb77a86f0c1ab15b051ae3d428c8f8acb70a8137150b8eeb10e183edd19963ddd9e263e4770589ef6aa21e7f5f2ff381b539cce3409d13cd566afbb48d6c019181e1bcfe94b30269edfe72fe9b6aa4bd7b5a0f1c71cfff4c19c418e1f6ec017981bc087f2a7065b384b890d3191f2bfa
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 110 – POP3)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Not supported
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (custom, 1024-bit): 0x8044935e1c1b3416990426061dbda25c910a9088689a412708ecc5c1e7b032eac4fb9ee9184cc6ad1931c31192ab551ff29e65eef5bc9c9aa915b6826b47fee4b47d1ef91914d4694439e2a4e826d82061447b5e8cb0e63082ebdae6af7b1743a5b9f7366aa84647302d1001a1694ac5cd5c2a9a33dd522fb498fc27a9f14933
  • Generator: 0x2
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 1024-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 143 – IMAP)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Not supported
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (custom, 1024-bit): 0x8044935e1c1b3416990426061dbda25c910a9088689a412708ecc5c1e7b032eac4fb9ee9184cc6ad1931c31192ab551ff29e65eef5bc9c9aa915b6826b47fee4b47d1ef91914d4694439e2a4e826d82061447b5e8cb0e63082ebdae6af7b1743a5b9f7366aa84647302d1001a1694ac5cd5c2a9a33dd522fb498fc27a9f14933
  • Generator: 0x2
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 1024-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 443 – HTTP)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Server
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (custom, 2048-bit): 0xb89e8933638a5695b63417c3213de16b1ea537e030681fb80b518c9c61246fbe00653516e7a71e576db43fa2a699491ddc78696b47fc9bb6432ff90357c0810b304fb1c55dc35b275d99e7e0423ac2452cfa2d5be07fe152243f9f60deea81f4ae72dfd8f10de66621868ee419774848230ba348084a32086ac9492868d775601a681ca66cf10eb1bad5d2527fb39fe2c461335a514e1298368d7e61e5ef13854b3e1613cfd2e9ecbbaeafa6603f2e5e48bc287a024f450261e21e7d58b1c32245f3287da3a2fb7dbdfe8a80dfed62b6f09b38be356f125ed1d3c8abc3ce90aa94d8e4c346e3080874358ff1f6ee1910b8042d2d2fe8450d4e5647dec5086ebb
  • Generator: 0x2
Certificate start date 2018-05-11 00:00:00 UTC
Certificate expiration date 2020-05-10 23:59:59 UTC
Certificate serial number 73047020241304048819727383402685332639
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=gsc-game.com
Certificate SANs
  • gsc-game.com
  • www.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 465 – SMTP)

Show scan details
Versions TLS 1.2
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (2048-bit MODP from RFC 5114): 0xad107e1e9123a9d0d660faa79559c51fa20d64e5683b9fd1b54b1597b61d0a75e6fa141df95a56dbaf9a3c407ba1df15eb3d688a309c180e1de6b85a1274a0a66d3f8152ad6ac2129037c9edefda4df8d91e8fef55b7394b7ad5b7d0b6c12207c9f98d11ed34dbf6c6ba0b2c8bbc27be6a00e0a0b9c49708b3bf8a317091883681286130bc8985db1602e714415d9330278273c7de31efdc7310f7121fd5a07415987d9adc0a486dcdf93acc44328387315d75e198c641a480cd86a1b9e587e8be60e69cc928b2b9c52172e413042e9b23f10b0e16e79763c9b53dcf4ba80a29e3fb73c16b8e75b97ef363e2ffa31f71cf9de5384e71b81c0ac4dffe0c10e64f
  • Generator: 0xac4032ef4f2d9ae39df30b5c8ffdac506cdebe7b89998caf74866a08cfe4ffe3a6824a4e10b9a6f0dd921f01a70c4afaab739d7700c29f52c57db17c620a8652be5e9001a8d66ad7c17669101999024af4d027275ac1348bb8a762d0521bc98ae247150422ea1ed409939d54da7460cdb5f6c6b250717cbef180eb34118e98d119529a45d6f834566e3025e316a330efbb77a86f0c1ab15b051ae3d428c8f8acb70a8137150b8eeb10e183edd19963ddd9e263e4770589ef6aa21e7f5f2ff381b539cce3409d13cd566afbb48d6c019181e1bcfe94b30269edfe72fe9b6aa4bd7b5a0f1c71cfff4c19c418e1f6ec017981bc087f2a7065b384b890d3191f2bfa
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 587 – SMTP)

Show scan details
Versions TLS 1.2
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (2048-bit MODP from RFC 5114): 0xad107e1e9123a9d0d660faa79559c51fa20d64e5683b9fd1b54b1597b61d0a75e6fa141df95a56dbaf9a3c407ba1df15eb3d688a309c180e1de6b85a1274a0a66d3f8152ad6ac2129037c9edefda4df8d91e8fef55b7394b7ad5b7d0b6c12207c9f98d11ed34dbf6c6ba0b2c8bbc27be6a00e0a0b9c49708b3bf8a317091883681286130bc8985db1602e714415d9330278273c7de31efdc7310f7121fd5a07415987d9adc0a486dcdf93acc44328387315d75e198c641a480cd86a1b9e587e8be60e69cc928b2b9c52172e413042e9b23f10b0e16e79763c9b53dcf4ba80a29e3fb73c16b8e75b97ef363e2ffa31f71cf9de5384e71b81c0ac4dffe0c10e64f
  • Generator: 0xac4032ef4f2d9ae39df30b5c8ffdac506cdebe7b89998caf74866a08cfe4ffe3a6824a4e10b9a6f0dd921f01a70c4afaab739d7700c29f52c57db17c620a8652be5e9001a8d66ad7c17669101999024af4d027275ac1348bb8a762d0521bc98ae247150422ea1ed409939d54da7460cdb5f6c6b250717cbef180eb34118e98d119529a45d6f834566e3025e316a330efbb77a86f0c1ab15b051ae3d428c8f8acb70a8137150b8eeb10e183edd19963ddd9e263e4770589ef6aa21e7f5f2ff381b539cce3409d13cd566afbb48d6c019181e1bcfe94b30269edfe72fe9b6aa4bd7b5a0f1c71cfff4c19c418e1f6ec017981bc087f2a7065b384b890d3191f2bfa
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 993 – IMAP)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Not supported
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (custom, 1024-bit): 0x8044935e1c1b3416990426061dbda25c910a9088689a412708ecc5c1e7b032eac4fb9ee9184cc6ad1931c31192ab551ff29e65eef5bc9c9aa915b6826b47fee4b47d1ef91914d4694439e2a4e826d82061447b5e8cb0e63082ebdae6af7b1743a5b9f7366aa84647302d1001a1694ac5cd5c2a9a33dd522fb498fc27a9f14933
  • Generator: 0x2
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 1024-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 995 – POP3)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Not supported
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (custom, 1024-bit): 0x8044935e1c1b3416990426061dbda25c910a9088689a412708ecc5c1e7b032eac4fb9ee9184cc6ad1931c31192ab551ff29e65eef5bc9c9aa915b6826b47fee4b47d1ef91914d4694439e2a4e826d82061447b5e8cb0e63082ebdae6af7b1743a5b9f7366aa84647302d1001a1694ac5cd5c2a9a33dd522fb498fc27a9f14933
  • Generator: 0x2
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 1024-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

mail.gsc-game.com

IP address 5.9.10.59
Last scan 2020-01-20 11:50:53 UTC
TLS SMTP (port 25)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS POP3 (port 110)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS IMAP (port 143)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS HTTP (port 443)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS SMTP (port 465)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS SMTP (port 587)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS IMAP (port 993)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0
TLS POP3 (port 995)
Rules applicable 5
B
A
A!
B
C
D
F
6 0 2 0 0 0

TLS (port 25 – SMTP)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (2048-bit MODP from RFC 5114): 0xad107e1e9123a9d0d660faa79559c51fa20d64e5683b9fd1b54b1597b61d0a75e6fa141df95a56dbaf9a3c407ba1df15eb3d688a309c180e1de6b85a1274a0a66d3f8152ad6ac2129037c9edefda4df8d91e8fef55b7394b7ad5b7d0b6c12207c9f98d11ed34dbf6c6ba0b2c8bbc27be6a00e0a0b9c49708b3bf8a317091883681286130bc8985db1602e714415d9330278273c7de31efdc7310f7121fd5a07415987d9adc0a486dcdf93acc44328387315d75e198c641a480cd86a1b9e587e8be60e69cc928b2b9c52172e413042e9b23f10b0e16e79763c9b53dcf4ba80a29e3fb73c16b8e75b97ef363e2ffa31f71cf9de5384e71b81c0ac4dffe0c10e64f
  • Generator: 0xac4032ef4f2d9ae39df30b5c8ffdac506cdebe7b89998caf74866a08cfe4ffe3a6824a4e10b9a6f0dd921f01a70c4afaab739d7700c29f52c57db17c620a8652be5e9001a8d66ad7c17669101999024af4d027275ac1348bb8a762d0521bc98ae247150422ea1ed409939d54da7460cdb5f6c6b250717cbef180eb34118e98d119529a45d6f834566e3025e316a330efbb77a86f0c1ab15b051ae3d428c8f8acb70a8137150b8eeb10e183edd19963ddd9e263e4770589ef6aa21e7f5f2ff381b539cce3409d13cd566afbb48d6c019181e1bcfe94b30269edfe72fe9b6aa4bd7b5a0f1c71cfff4c19c418e1f6ec017981bc087f2a7065b384b890d3191f2bfa
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 110 – POP3)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Not supported
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (custom, 1024-bit): 0x8044935e1c1b3416990426061dbda25c910a9088689a412708ecc5c1e7b032eac4fb9ee9184cc6ad1931c31192ab551ff29e65eef5bc9c9aa915b6826b47fee4b47d1ef91914d4694439e2a4e826d82061447b5e8cb0e63082ebdae6af7b1743a5b9f7366aa84647302d1001a1694ac5cd5c2a9a33dd522fb498fc27a9f14933
  • Generator: 0x2
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 1024-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation
 
Learn Master Secret by decrypting RSA key exchange attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to decrypt the Master Secret and thus the rest of the TLS stream.

Representation
 

TLS (port 143 – IMAP)

Show scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Not supported
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CCM_8 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (custom, 1024-bit): 0x8044935e1c1b3416990426061dbda25c910a9088689a412708ecc5c1e7b032eac4fb9ee9184cc6ad1931c31192ab551ff29e65eef5bc9c9aa915b6826b47fee4b47d1ef91914d4694439e2a4e826d82061447b5e8cb0e63082ebdae6af7b1743a5b9f7366aa84647302d1001a1694ac5cd5c2a9a33dd522fb498fc27a9f14933
  • Generator: 0x2
Certificate start date 2019-11-20 00:00:00 UTC
Certificate expiration date 2021-11-19 23:59:59 UTC
Certificate serial number 143972523249938712891418635289788234069
Certificate issuer C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
Certificate subject OU=Domain Control Validated,OU=PositiveSSL,CN=mail.gsc-game.com
Certificate SANs
  • mail.gsc-game.com
  • www.mail.gsc-game.com
B
Warnings
Diffie-Hellman group size
Trigger The server uses a 1024-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report).

Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report).

A
Passed
Security of hash function for certificate signature digest
Trigger The hash used for the certificate is SHA-256.
Context

ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report).

Support for DES cipher
Trigger The server doesn't support any cipher suites containing the DES cipher.
Context

DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report).

Support for RC4 cipher
Trigger The server doesn't support any cipher suites containing the RC4 cipher.
Context

ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

Potential MITM attack tree
High level description

In some configurations of TLS, it is possible for an attacker with sufficient access to mount a MITM attack that gives him the ability to decrypt and modify all the traffic between the server and the client.

Representation
 
Partial decryption of messages in the direction Client->Server attack tree
High level description

In some configurations of TLS a padding oracle might be present on the server. This makes it possible for an attacker with sufficient access to partially decrypt the information sent from the client to the server.

Representation