Crypto on this site is outdated and might not provide enough security.
Note: The overall score is calculated based on the lowest score achieved by any of the machines scanned.
-
|
virtualmin.com | 198.154.100.99 | 2024-04-18 16:33:02 UTC | ||
-
|
jamie.cloud.virtualmin.com | 108.60.199.109 | 2024-04-18 16:33:02 UTC | ||
-
|
ns.cloud.virtualmin.com | 108.60.199.108 | 2024-04-18 16:33:02 UTC | ||
-
|
ns2.cloud.virtualmin.com | 108.60.199.116 | 2024-04-18 16:33:02 UTC | ||
-
|
docs.virtualmin.com | 198.154.100.100 | 2024-04-18 16:33:02 UTC | ||
-
|
ftp.virtualmin.com | 108.60.199.107 | 2024-04-18 16:33:02 UTC | ||
C
|
software.virtualmin.com | 149.28.242.101 | 2024-04-18 16:33:02 UTC | ||
-
|
software2.virtualmin.com | 163.172.162.254 | 2024-04-18 16:33:03 UTC | ||
-
|
srv1.virtualmin.com | 108.60.199.106 | 2024-04-18 16:33:03 UTC |
Below we list all of the machines detected. For each machine, we list the cryptographic services found. For each service, we give the reasons behind the grading. To see the full details of the cryptography offered by a service, click on "show details".
IP address | 198.154.100.99 |
---|---|
Last scan | 2024-04-18 16:33:02 UTC |
No service that could be analyzed detected on this machine.
IP address | 108.60.199.109 |
---|---|
Last scan | 2024-04-18 16:33:02 UTC |
No service that could be analyzed detected on this machine.
IP address | 108.60.199.108 |
---|---|
Last scan | 2024-04-18 16:33:02 UTC |
No service that could be analyzed detected on this machine.
IP address | 108.60.199.116 |
---|---|
Last scan | 2024-04-18 16:33:02 UTC |
No service that could be analyzed detected on this machine.
IP address | 198.154.100.100 |
---|---|
Last scan | 2024-04-18 16:33:02 UTC |
No service that could be analyzed detected on this machine.
IP address | 108.60.199.107 |
---|---|
Last scan | 2024-04-18 16:33:02 UTC |
No service that could be analyzed detected on this machine.
IP address | 149.28.242.101 |
---|---|
Last scan | 2024-04-18 16:33:02 UTC |
Versions | TLS 1.0, TLS 1.1, TLS 1.2 |
---|---|
Fallback SCSV | Supported |
Ciphers |
|
Cipher order | Client |
Compression |
|
Certificate key | RSA 2048-bit test this key |
Hash algorithm | SHA-256 |
Diffie-Hellman |
|
Certificate start date | 2018-07-27 06:18:54 UTC |
Certificate expiration date | 2018-08-26 06:18:54 UTC |
Certificate serial number | 10016193776172319625 |
Certificate issuer | CN=software3.virtualmin.com ,O=Self-signed for software3.virtualmin.com ,L=NA,ST=NA,C=NA |
Certificate subject | CN=software3.virtualmin.com ,O=Self-signed for software3.virtualmin.com ,L=NA,ST=NA,C=NA |
Trigger | The server supports a cipher suite containing the RC4 cipher. |
---|---|
Context |
ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report). In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465). |
Trigger | The server uses a 2048-bit RSA key. |
---|---|
Context |
ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report). |
Trigger | The server uses a 2048-bit Diffie-Hellman group. |
---|---|
Context |
Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy. ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report). |
Trigger | The server doesn't support any cipher suites containing the DES cipher. |
---|---|
Context |
DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report). |
Trigger | The hash used for the certificate is SHA-256. |
---|---|
Context |
ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report). |
Version string | SSH-2.0-OpenSSH_7.4 |
|||||||||
---|---|---|---|---|---|---|---|---|---|---|
Encryption algorithms |
|
|||||||||
Compression algorithms |
|
|||||||||
MAC algorithms |
|
|||||||||
Server host key algorithms |
|
|||||||||
Key exchange algorithms |
|
|||||||||
Server keys |
|
Trigger | The server supports the "diffie-hellman-group1-sha1" algorithm. |
---|---|
Context |
Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy. ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report). The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253). |
Trigger | The server uses a 2048-bit RSA key. |
---|---|
Context |
ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report). |
Trigger | The server supports the Blowfish cipher. |
---|---|
Context |
Blowfish is a block cipher with a 64-bit block size. ECRYPT considers Blowfish to only be suitable for legacy applications (ECRYPT 2016 report). |
Trigger | The server supports the 3DES cipher. |
---|---|
Context |
Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). ECRYPT considers 3DES to only be suitable for legacy applications (ECRYPT 2016 report). |
Trigger | The server doesn't support the DES cipher. |
---|---|
Context |
DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report). |
Trigger | The server doesn't support the RC4 cipher. |
---|---|
Context |
ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report). In SSH, RC4 is implemented as "arcfour", "arcfour128" and "arcfour256". "arcfour128" and "arcfour256" improve the original algorithm but are still considered weak (RFC 4345). |
Versions | TLS 1.2 |
---|---|
Ciphers |
|
Cipher order | Client |
Compression |
|
Certificate key | RSA 2048-bit test this key |
Hash algorithm | SHA-256 |
Diffie-Hellman |
|
Certificate start date | 2023-09-12 16:51:07 UTC |
Certificate expiration date | 2023-12-11 16:51:06 UTC |
Certificate serial number | 279503508235384226986805774441936220599460 |
Certificate issuer | CN=R3,O=Let's Encrypt,C=US |
Certificate subject | CN=software2.virtualmin.com |
Certificate SANs |
|
Trigger | The server uses a 2048-bit RSA key. |
---|---|
Context |
ECRYPT recommends a length of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 bits for long term applications (ECRYPT 2016 report). |
Trigger | The server uses a 2048-bit Diffie-Hellman group. |
---|---|
Context |
Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy. ECRYPT recommends a group size of at least 1024 bits for legacy applications, 3072 bits for near term applications and 15360 for long term applications (ECRYPT 2016 report). |
Trigger | The server doesn't support any cipher suites containing the DES cipher. |
---|---|
Context |
DES is a cipher with an effective key length of 56 bits, too weak by ECRYPT even for legacy applications (ECRYPT 2016 report). |
Trigger | The server doesn't support any cipher suites containing the RC4 cipher. |
---|---|
Context |
ECRYPT discourages the use of RC4 for both legacy and future applications (ECRYPT 2016 report). In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465). |
Trigger | The hash used for the certificate is SHA-256. |
---|---|
Context |
ECRYPT considers SHA-2, SHA-3 and Whirlpool (with at least 256 bits of output) to be the only acceptable choices for future applications. SHA-1, RIPEMD-160, SHA-224 and SHA3-224 are acceptable for legacy applications. MD5 and RIPEMD-128 are considered to weak for any application (ECRYPT 2016 report). |
IP address | 163.172.162.254 |
---|---|
Last scan | 2024-04-18 16:33:03 UTC |
No service that could be analyzed detected on this machine.
IP address | 108.60.199.106 |
---|---|
Last scan | 2024-04-18 16:33:03 UTC |
No service that could be analyzed detected on this machine.