Crypto Service Audit by Cryptosense

Report for virtualmin.com produced at 2020-05-30 20:20:53 UTC using the Cryptosense 2019 standard.

For more information on coverage, go to discovery.cryptosense.com/faq. If you have any suggestions for improving this report, please send us an email at discovery@cryptosense.com.

D
is the overall score for
virtualmin.com

Crypto on this site is broken and is likely not to provide enough security.

Note: The overall score is calculated based on the lowest score achieved by any of the machines scanned.

Machines Scanned

C
virtualmin.com 198.154.100.99 2020-05-30 07:07:12 UTC
C
jamie.cloud.virtualmin.com 108.60.199.109 2020-05-30 07:07:12 UTC
C
ns.cloud.virtualmin.com 108.60.199.108 2020-05-30 07:07:12 UTC
C
ns2.cloud.virtualmin.com 108.60.199.116 2020-05-30 07:07:12 UTC
C
docs.virtualmin.com 198.154.100.100 2020-05-30 07:07:12 UTC
-
ftp.virtualmin.com 108.60.199.107 2020-05-30 07:07:12 UTC
D
software.virtualmin.com 149.28.242.101 2020-05-30 07:07:12 UTC
C
software2.virtualmin.com 163.172.162.254 2020-05-30 07:07:13 UTC
C
srv1.virtualmin.com 108.60.199.106 2020-05-30 07:07:13 UTC

Crypto Services Discovered

In the next pages, we list all of the machines detected. For each machine, we list the cryptographic services found. For each service, we give the reasons behind the grading and, if applicable, instructions on how to fix it.

virtualmin.com

IP address 198.154.100.99
Last scan 2020-05-30 07:07:12 UTC
SSH (port 22)
Rules applicable 9
C
A
A!
B
C
D
F
4 1 2 2 0 0
TLS POP3 (port 110)
Rules applicable 19
C
A
A!
B
C
D
F
18 2 1 1 0 0
TLS IMAP (port 143)
Rules applicable 19
C
A
A!
B
C
D
F
18 2 1 1 0 0
TLS HTTP (port 443)
Rules applicable 21
C
A
A!
B
C
D
F
19 3 1 1 0 0
TLS IMAP (port 993)
Rules applicable 19
C
A
A!
B
C
D
F
18 2 1 1 0 0
TLS POP3 (port 995)
Rules applicable 19
C
A
A!
B
C
D
F
18 2 1 1 0 0

SSH (port 22)

Scan details
Version string SSH-2.0-OpenSSH_7.4
Encryption algorithms
  • 3des-cbc
  • aes128-cbc
  • aes128-ctr
  • aes128-gcm@openssh.com
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • aes256-gcm@openssh.com
  • blowfish-cbc
  • cast128-cbc
  • chacha20-poly1305@openssh.com
Compression algorithms
  • none
  • zlib@openssh.com
MAC algorithms
  • hmac-sha1
  • hmac-sha1-etm@openssh.com
  • hmac-sha2-256
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-512
  • hmac-sha2-512-etm@openssh.com
  • umac-128-etm@openssh.com
  • umac-128@openssh.com
  • umac-64-etm@openssh.com
  • umac-64@openssh.com
Server host key algorithms
  • ecdsa-sha2-nistp256
  • rsa-sha2-256
  • rsa-sha2-512
  • ssh-rsa
Key exchange algorithms
  • curve25519-sha256
  • curve25519-sha256@libssh.org
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
Server keys
ECDSA secp256r1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH04EDi9lRIUO1XRJ5d51cZcjLT1iS7aFEgf+gGVFkjErfO9XUZ/peZW+2giZAZ6Db7BXsbyxK0IpPmK47Yyjko=
RSA 2048-bit ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDezUOU1IQaSMNcjaOUX1zJWU49SiRSIqNeESwDErsTBfr6PXULbtah8OQqPwcoQVvDJ01QwiGdfCejPAwx19g73vCZo/3NVJDy28xpVT7kbEZUAO0Ji4IQfOwgzeyrDAvv0cAO1QFhOsdte1ZK7wotpB2odFmbMmtnv00/Fv7M+huckqRBuFBIy3OvZEbIdbP+TucDpOcE1IBf/32bTiHPPjDjJU+VkJUi5iKXjv1UAuSD+hSG8vOA84vQIdsF+gqpDns3yqKvdGJEZ4LaBbEY/vNOh+C3eigHo4rsXOwdtib5/hSzrSmZqyxy4L/RAe3Gkw+uyl1fyQW6d3LRtDYr test this key
C
Weak cryptography
Diffie-Hellman group security
Trigger The server supports the "diffie-hellman-group1-sha1" algorithm.
Context

The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253).

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

Support for 3DES cipher
Trigger The server supports the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

In SSH, there seem to be no advantage to using 3DES over more secure and more supported ciphers.

B
Warnings
Support for Blowfish cipher
Trigger The server supports the Blowfish cipher.
Context

Blowfish is a block cipher with a 64-bit block size.

In SSH, Blowfish is used with 128-bit keys. However, its 64-bit block size, can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There are also some cryptanalytic results on reduced-round versions (though no practical attacks). There seem to be no advantage to using it over more secure and more widely supported ciphers.

Support for CAST-128 cipher
Trigger The server supports the CAST-128 cipher.
Context

In SSH, CAST-128 is used with 128-bit keys. However, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There seem to be no advantage to using it over more secure and more widely supported ciphers.

A!
Borderline Compliance Warnings
SSH RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

TLS (port 110 – POP3)

Scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_IDEA_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Certificate start date 2020-05-03 22:39:15 UTC
Certificate expiration date 2020-08-01 22:39:15 UTC
Certificate serial number 264561300266589718273463312826010154466378
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=virtualmin.com
Certificate SANs
  • cloudmin.com
  • virtualmin.com
  • www.cloudmin.com
  • www.virtualmin.com
C
Weak cryptography
Support for RC4 cipher
Trigger The server supports a cipher suite containing the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

B
Warnings
Support for Triple DES cipher
Trigger The server supports a cipher suite containing the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Support for TLS 1.0
Trigger TLS 1.0 among the protocols offered by TLS server.
Context

TLS 1.0 is discouraged by PCI-DSS and has been considered non-compliant since June 2018 (PCI-DSS v3.2).

TLS (port 143 – IMAP)

Scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_IDEA_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Certificate start date 2020-05-03 22:39:15 UTC
Certificate expiration date 2020-08-01 22:39:15 UTC
Certificate serial number 264561300266589718273463312826010154466378
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=virtualmin.com
Certificate SANs
  • cloudmin.com
  • virtualmin.com
  • www.cloudmin.com
  • www.virtualmin.com
C
Weak cryptography
Support for RC4 cipher
Trigger The server supports a cipher suite containing the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

B
Warnings
Support for Triple DES cipher
Trigger The server supports a cipher suite containing the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Support for TLS 1.0
Trigger TLS 1.0 among the protocols offered by TLS server.
Context

TLS 1.0 is discouraged by PCI-DSS and has been considered non-compliant since June 2018 (PCI-DSS v3.2).

TLS (port 443 – HTTP)

Scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_IDEA_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_MD5 TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Server
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (2048-bit MODP from RFC 3526): 0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff
  • Generator: 0x2
Certificate start date 2020-05-03 22:39:15 UTC
Certificate expiration date 2020-08-01 22:39:15 UTC
Certificate serial number 264561300266589718273463312826010154466378
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=virtualmin.com
Certificate SANs
  • cloudmin.com
  • virtualmin.com
  • www.cloudmin.com
  • www.virtualmin.com
C
Weak cryptography
Support for RC4 cipher
Trigger The server supports a cipher suite containing the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

B
Warnings
Support for Triple DES cipher
Trigger The server supports a cipher suite containing the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Diffie-Hellman group security
Trigger The server uses a commonly-shared 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Support for TLS 1.0
Trigger TLS 1.0 among the protocols offered by TLS server.
Context

TLS 1.0 is discouraged by PCI-DSS and has been considered non-compliant since June 2018 (PCI-DSS v3.2).

TLS (port 993 – IMAP)

Scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_IDEA_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Certificate start date 2020-05-03 22:39:15 UTC
Certificate expiration date 2020-08-01 22:39:15 UTC
Certificate serial number 264561300266589718273463312826010154466378
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=virtualmin.com
Certificate SANs
  • cloudmin.com
  • virtualmin.com
  • www.cloudmin.com
  • www.virtualmin.com
C
Weak cryptography
Support for RC4 cipher
Trigger The server supports a cipher suite containing the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

B
Warnings
Support for Triple DES cipher
Trigger The server supports a cipher suite containing the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Support for TLS 1.0
Trigger TLS 1.0 among the protocols offered by TLS server.
Context

TLS 1.0 is discouraged by PCI-DSS and has been considered non-compliant since June 2018 (PCI-DSS v3.2).

TLS (port 995 – POP3)

Scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_IDEA_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Certificate start date 2020-05-03 22:39:15 UTC
Certificate expiration date 2020-08-01 22:39:15 UTC
Certificate serial number 264561300266589718273463312826010154466378
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=virtualmin.com
Certificate SANs
  • cloudmin.com
  • virtualmin.com
  • www.cloudmin.com
  • www.virtualmin.com
C
Weak cryptography
Support for RC4 cipher
Trigger The server supports a cipher suite containing the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

B
Warnings
Support for Triple DES cipher
Trigger The server supports a cipher suite containing the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Support for TLS 1.0
Trigger TLS 1.0 among the protocols offered by TLS server.
Context

TLS 1.0 is discouraged by PCI-DSS and has been considered non-compliant since June 2018 (PCI-DSS v3.2).

jamie.cloud.virtualmin.com

IP address 108.60.199.109
Last scan 2020-05-30 07:07:12 UTC
SSH (port 22)
Rules applicable 10
C
A
A!
B
C
D
F
3 1 2 4 0 0
TLS HTTP (port 443)
Rules applicable 21
C
A
A!
B
C
D
F
18 3 1 2 0 0

SSH (port 22)

Scan details
Version string SSH-2.0-OpenSSH_5.3
Encryption algorithms
  • 3des-cbc
  • aes128-cbc
  • aes128-ctr
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • arcfour
  • arcfour128
  • arcfour256
  • blowfish-cbc
  • cast128-cbc
  • rijndael-cbc@lysator.liu.se
Compression algorithms
  • none
  • zlib@openssh.com
MAC algorithms
  • hmac-md5
  • hmac-md5-96
  • hmac-ripemd160
  • hmac-ripemd160@openssh.com
  • hmac-sha1
  • hmac-sha1-96
  • hmac-sha2-256
  • hmac-sha2-512
  • umac-64@openssh.com
Server host key algorithms
  • ssh-dss
  • ssh-rsa
Key exchange algorithms
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
Server keys
DSA 1024-bit ssh-dss AAAAB3NzaC1kc3MAAACBAN5E5lzCaG4BMjM/OPwnglJSRepcVrOIDGhcVL1BibiVQTZm/P37QIyI1JW+3XC1VUBSjeV/bzBh1QrXJ9/2LdC8a+nUqQX9tRTpM9+0N9Cz3zPvQtii5g4TVIwx2GVtrOyvnDL+3ETHOdhdK92UYmvyKE6iLhyXqhLAt3TzrUgpAAAAFQC/gk6jAEvkmlFFPhK7waYTHeXm/wAAAIBmX8kin7RIb2y6dV9ubC5GQBHUuPwodg8JXbrwWaB850cDs+GFgc0bX35kq4d/81yBt0mKuVLFuWmugiZgLOrCsiztQmaQlqjq1JYjZyKt5mW4/m2bx08gyKojyvXad6UJLnav6QhYJSdDbvm2WaG3XkqGjQBi6gvrfV6MVHGhvgAAAIBYJ2ODwY9gzEVnbSqZgxhLx4IFvgjSCEr0SKgYXS718SSqwYGqC5KCGSZ28sXrAfcgrCr4Zh8v58+pMx3wM2cgreaQaqntAJIsQyWV7GU4V1sGewRuxxFu97p5ulsoVFGxKoCZkfsdJL1Kt+Ukrf5AqFpGpLBkhQmKBqaarYG0Vw==
RSA 2048-bit ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAnYPBDArn9nHDv5wYOXTtK2mcALWhK5LieInSBK3S+42VQdARM7O9GWm4qQZNM1s9Eu/iXx4O4xxB9Tp8wrho15S8AHL43YXYBZmtlZ/nr7oylijuAXQaocL/Nb9mTu0ZgPq2tCzQ2RSB9KRGqIn4MU+o5/j3QRMka0NKK94YQRXToSYoSLI5MD21qU41qf6POHf3uKVe5UFnWHEtu0t3X4LXokZAuPXpl3vM1yKgjYq1B3XNXsEZcfbRXo/3TzDGa4aa9N4FLHieAXrBsNoVieJV90x6wKjJJVaCS0IfExJxpkbOjU0gtPwJl/7NPkBBaPuxW2/pJbj+9mhnZpG7nw== test this key
C
Weak cryptography
SSH DSA key length
Trigger The server uses a 1024-bit DSA key.
Context

DSA keys must be long enough to provide reasonable security. The recommended size is 2048-bit. However, longer keys might be preferable in new systems.

Some SSH implementations such as OpenSSH don't support DSA keys larger than 1024 bits. In such cases, DSA should not be used at all.

Diffie-Hellman group security
Trigger The server supports the "diffie-hellman-group1-sha1" algorithm.
Context

The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253).

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

Support for RC4 cipher
Trigger The server supports the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In SSH, RC4 is implemented as "arcfour", "arcfour128" and "arcfour256". "arcfour128" and "arcfour256" improve the original algorithm but are still considered weak (RFC 4345).

Support for 3DES cipher
Trigger The server supports the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

In SSH, there seem to be no advantage to using 3DES over more secure and more supported ciphers.

B
Warnings
Support for Blowfish cipher
Trigger The server supports the Blowfish cipher.
Context

Blowfish is a block cipher with a 64-bit block size.

In SSH, Blowfish is used with 128-bit keys. However, its 64-bit block size, can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There are also some cryptanalytic results on reduced-round versions (though no practical attacks). There seem to be no advantage to using it over more secure and more widely supported ciphers.

Support for CAST-128 cipher
Trigger The server supports the CAST-128 cipher.
Context

In SSH, CAST-128 is used with 128-bit keys. However, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There seem to be no advantage to using it over more secure and more widely supported ciphers.

A!
Borderline Compliance Warnings
SSH RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

TLS (port 443 – HTTP)

Scan details
Versions SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_RC4_128_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_IDEA_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_MD5 SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_SEED_CBC_SHA SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Client
Compression
  • NULL SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (2048-bit MODP from RFC 3526): 0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff
  • Generator: 0x2
Certificate start date 2020-05-13 23:51:31 UTC
Certificate expiration date 2020-08-11 23:51:31 UTC
Certificate serial number 320514587812511234472518485709126800796522
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=jamie.cloud.virtualmin.com
Certificate SANs
  • jamie.cloud.virtualmin.com
C
Weak cryptography
Support for SSL 3.0
Trigger SSL 3.0 among the protocols offered by TLS server.
Context

SSL 3.0 has been officially deprecated as of June 2015 (RFC 7568).

Support for RC4 cipher
Trigger The server supports a cipher suite containing the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

B
Warnings
Support for Triple DES cipher
Trigger The server supports a cipher suite containing the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Diffie-Hellman group security
Trigger The server uses a commonly-shared 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Support for TLS 1.0
Trigger TLS 1.0 among the protocols offered by TLS server.
Context

TLS 1.0 is discouraged by PCI-DSS and has been considered non-compliant since June 2018 (PCI-DSS v3.2).

ns.cloud.virtualmin.com

IP address 108.60.199.108
Last scan 2020-05-30 07:07:12 UTC
SSH (port 22)
Rules applicable 10
C
A
A!
B
C
D
F
3 1 2 4 0 0

SSH (port 22)

Scan details
Version string SSH-2.0-OpenSSH_5.3
Encryption algorithms
  • 3des-cbc
  • aes128-cbc
  • aes128-ctr
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • arcfour
  • arcfour128
  • arcfour256
  • blowfish-cbc
  • cast128-cbc
  • rijndael-cbc@lysator.liu.se
Compression algorithms
  • none
  • zlib@openssh.com
MAC algorithms
  • hmac-md5
  • hmac-md5-96
  • hmac-ripemd160
  • hmac-ripemd160@openssh.com
  • hmac-sha1
  • hmac-sha1-96
  • hmac-sha2-256
  • hmac-sha2-512
  • umac-64@openssh.com
Server host key algorithms
  • ssh-dss
  • ssh-rsa
Key exchange algorithms
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
Server keys
DSA 1024-bit ssh-dss AAAAB3NzaC1kc3MAAACBALNCYRXQXdQa24tHfi4CtIufjonvfdTE1oAL0xtCot6izTj76Bw4O1KVNV6fUbAFlVwXXfYMlt4G5170qH1KzpdGCwFBxvTFO6Y3kL3ZPa8EUdw3r7fkaKnrMPYIllfSTrWL64xG5l6nV1hfJFpPSHQqcbSFyRiFlL7jFhyrbH/NAAAAFQDhENX+q/B7MQYW2n3WYsrCRXtz6wAAAIEAheAuA3E7C27sWFQCSc/47eR3mcSLBV0pvQSeQRQifgxglhn2Q5PvwaTISzFa7fXmkCq3bqm2dLYXb0j8HIlRyZpDVedCuVwOF7bUlj5yApqma88RMJY1LNMyPR67Tup/ki+6AWyNm45KnP1K05xtCV3ITQi+9MpgCTxhD/DmRMMAAACALBr4rotJU51/GnFvRQmTEke5jPY+GVawg6L93F33c/AywJKxzUlUfQODq4ukbBo4/+8WHTU3cYto2idY5mznxu8PMJeJUhCcn72iDwTBdgjby49Od5c+M2xKUWeN+Z5JWrWApEGTihjqUM2F8XR2p/D/X9CY/SRdCD99JAA2pzI=
RSA 2048-bit ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAmNKFgZijlUnEGT5CvB+wS9+83Oh7RXFm97wT7zKiOulvnKL8NfUGWqoiYRQVHj73xxqyjiLGiRRb2oTyoINbjWRrtkQ11FQm8p1ClhFiLCyzvS7TEdXsA9Do6VKpnN5YIjcAx1V7hyGI7GI0hq/DouXQx6vmBcstEnvwatC0TUd97poRpJ/GSkeckrk5CrriCrBVIcKSlucfqRIBR6CZqYbH8kDdBQ6cO06o9mnVuszvmlDTqC7mr5XTP0N0u/e5spNogxZs61vjnryNvhDewf0KZJzbWpW6LKny8LyhU003t3gII9bXhz83pLiD79DDp8x0tpTvrVhgeTxPfwpvwQ== test this key
C
Weak cryptography
SSH DSA key length
Trigger The server uses a 1024-bit DSA key.
Context

DSA keys must be long enough to provide reasonable security. The recommended size is 2048-bit. However, longer keys might be preferable in new systems.

Some SSH implementations such as OpenSSH don't support DSA keys larger than 1024 bits. In such cases, DSA should not be used at all.

Diffie-Hellman group security
Trigger The server supports the "diffie-hellman-group1-sha1" algorithm.
Context

The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253).

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

Support for RC4 cipher
Trigger The server supports the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In SSH, RC4 is implemented as "arcfour", "arcfour128" and "arcfour256". "arcfour128" and "arcfour256" improve the original algorithm but are still considered weak (RFC 4345).

Support for 3DES cipher
Trigger The server supports the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

In SSH, there seem to be no advantage to using 3DES over more secure and more supported ciphers.

B
Warnings
Support for Blowfish cipher
Trigger The server supports the Blowfish cipher.
Context

Blowfish is a block cipher with a 64-bit block size.

In SSH, Blowfish is used with 128-bit keys. However, its 64-bit block size, can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There are also some cryptanalytic results on reduced-round versions (though no practical attacks). There seem to be no advantage to using it over more secure and more widely supported ciphers.

Support for CAST-128 cipher
Trigger The server supports the CAST-128 cipher.
Context

In SSH, CAST-128 is used with 128-bit keys. However, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There seem to be no advantage to using it over more secure and more widely supported ciphers.

A!
Borderline Compliance Warnings
SSH RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

ns2.cloud.virtualmin.com

IP address 108.60.199.116
Last scan 2020-05-30 07:07:12 UTC
SSH (port 22)
Rules applicable 10
C
A
A!
B
C
D
F
3 1 2 4 0 0

SSH (port 22)

Scan details
Version string SSH-2.0-OpenSSH_5.3
Encryption algorithms
  • 3des-cbc
  • aes128-cbc
  • aes128-ctr
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • arcfour
  • arcfour128
  • arcfour256
  • blowfish-cbc
  • cast128-cbc
  • rijndael-cbc@lysator.liu.se
Compression algorithms
  • none
  • zlib@openssh.com
MAC algorithms
  • hmac-md5
  • hmac-md5-96
  • hmac-ripemd160
  • hmac-ripemd160@openssh.com
  • hmac-sha1
  • hmac-sha1-96
  • hmac-sha2-256
  • hmac-sha2-512
  • umac-64@openssh.com
Server host key algorithms
  • ssh-dss
  • ssh-rsa
Key exchange algorithms
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
Server keys
DSA 1024-bit ssh-dss AAAAB3NzaC1kc3MAAACBAM1NE0NwIyNfUsMbiQBH/zzpdtbKLtaVNvsHTrQZh+t2W/TuKO4coFyQkp1224uEnYkUJfgM+3UmQcL9CiJolXCwExbD4c0jTJUXEIENwgkmMe4TDuDKkmwW7V6465teo4jwHcnCXcfpfMCgzA+Gvxe49heNmhgr2pgbT4uVRHBNAAAAFQC5APBv3YMN/CY8Wpq4+LhnzT2i4QAAAIBuvyWn5U2BxtEL0RawbmYgQ4JH556q7tOLTTlNh8ANR/z2MjcMcN0fTawmmQ/hhfRid3/7Iyhkn8Ro2eSBKZWBU4NgNAhcZLys/Y/iBx+q/eGxgL5ARFGrQ76TAXBVAjRZmX6AwOp1j05CkroZdhlIZRsmXgx7dN/HUJvHItup9QAAAIEAo01lKGCCh8/a5OPLFbV0rx9zs57g3nCUc/wVJeRIMbPIkEgN0eASOqDqhczeK4UcHj+uPZLgDxPlaz4qkH9C5yPNZ0aSyILCZslVl/4oi9EjwjtIG2TtNXJtzQ4m6cWdaB9rLOLsQPnU2pCBQEKF+ZKbOzBEDJ/D/rJd74+iLrc=
RSA 2048-bit ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4G91P3dSXSiOzJZIcVgYEf7g4mkTG+LZqEezzPMgAVSs1HnrA4wgLLc8gMqyhwUfPrxvg8NZdkLb4943SZUrXLrBkAwd4nnakR8qZHJvnFJaxTDr4QnyLHI+Nh0KOQeJVeiWCdWTBXnCcsyoeFBFENhO1J3uYRfvypbSnjRYKwWIzPWPipA+uTCph8d5hHSPZuZOsQscYS7pMh17ARwwbhRs/YzItmaOUPFLPFAP71aG7ImT0BQbqY/3BvADcaP/yaMncxdi3n84oT4/VJSPmdjLTnhEzhYhPLZ+6a5cwa/AQSBQtAl2hrNPn2fvqSAOIpykqtjGcWkjIfHW8DpJ0Q== test this key
C
Weak cryptography
SSH DSA key length
Trigger The server uses a 1024-bit DSA key.
Context

DSA keys must be long enough to provide reasonable security. The recommended size is 2048-bit. However, longer keys might be preferable in new systems.

Some SSH implementations such as OpenSSH don't support DSA keys larger than 1024 bits. In such cases, DSA should not be used at all.

Diffie-Hellman group security
Trigger The server supports the "diffie-hellman-group1-sha1" algorithm.
Context

The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253).

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

Support for RC4 cipher
Trigger The server supports the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In SSH, RC4 is implemented as "arcfour", "arcfour128" and "arcfour256". "arcfour128" and "arcfour256" improve the original algorithm but are still considered weak (RFC 4345).

Support for 3DES cipher
Trigger The server supports the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

In SSH, there seem to be no advantage to using 3DES over more secure and more supported ciphers.

B
Warnings
Support for Blowfish cipher
Trigger The server supports the Blowfish cipher.
Context

Blowfish is a block cipher with a 64-bit block size.

In SSH, Blowfish is used with 128-bit keys. However, its 64-bit block size, can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There are also some cryptanalytic results on reduced-round versions (though no practical attacks). There seem to be no advantage to using it over more secure and more widely supported ciphers.

Support for CAST-128 cipher
Trigger The server supports the CAST-128 cipher.
Context

In SSH, CAST-128 is used with 128-bit keys. However, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There seem to be no advantage to using it over more secure and more widely supported ciphers.

A!
Borderline Compliance Warnings
SSH RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

docs.virtualmin.com

IP address 198.154.100.100
Last scan 2020-05-30 07:07:12 UTC
SSH (port 22)
Rules applicable 9
C
A
A!
B
C
D
F
4 1 2 2 0 0
TLS HTTP (port 443)
Rules applicable 20
C
A
A!
B
C
D
F
19 2 1 1 0 0

SSH (port 22)

Scan details
Version string SSH-2.0-OpenSSH_7.4
Encryption algorithms
  • 3des-cbc
  • aes128-cbc
  • aes128-ctr
  • aes128-gcm@openssh.com
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • aes256-gcm@openssh.com
  • blowfish-cbc
  • cast128-cbc
  • chacha20-poly1305@openssh.com
Compression algorithms
  • none
  • zlib@openssh.com
MAC algorithms
  • hmac-sha1
  • hmac-sha1-etm@openssh.com
  • hmac-sha2-256
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-512
  • hmac-sha2-512-etm@openssh.com
  • umac-128-etm@openssh.com
  • umac-128@openssh.com
  • umac-64-etm@openssh.com
  • umac-64@openssh.com
Server host key algorithms
  • ecdsa-sha2-nistp256
  • rsa-sha2-256
  • rsa-sha2-512
  • ssh-rsa
Key exchange algorithms
  • curve25519-sha256
  • curve25519-sha256@libssh.org
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
Server keys
ECDSA secp256r1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH04EDi9lRIUO1XRJ5d51cZcjLT1iS7aFEgf+gGVFkjErfO9XUZ/peZW+2giZAZ6Db7BXsbyxK0IpPmK47Yyjko=
RSA 2048-bit ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr3OBZ5jJIQSrFuegq1KSTIVMU+6QyJcrK/OYnID2BlzLMwCeHgTQ4V42nCAFdOqgKDTkWaH3Sw+kNq296l2fw2Zunkjox/0AQJ8TU3zwEI+5PSotFF9MMXJtW9w5IecYC0W55XZm/dOe2WFPwTDAuAAJAv5bNZTxuleiyC6kzpQ+dLMcV6hRhDh8XDFSQe2I46QQJe+ZwAJOANXhOV5qHfZrFz1UNbsay3TzjY0VsVQ3bFmMu7KIKvD2BufmpurEsLcvKFAqfKon1jRPIZf2EpDmeb5tPwsN+W2vNSeg8gkEEZI5ejnHFlqoCkuttTPUVybq7WIImOrZ3GnzqERRqQ== test this key
C
Weak cryptography
Diffie-Hellman group security
Trigger The server supports the "diffie-hellman-group1-sha1" algorithm.
Context

The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253).

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

Support for 3DES cipher
Trigger The server supports the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

In SSH, there seem to be no advantage to using 3DES over more secure and more supported ciphers.

B
Warnings
Support for Blowfish cipher
Trigger The server supports the Blowfish cipher.
Context

Blowfish is a block cipher with a 64-bit block size.

In SSH, Blowfish is used with 128-bit keys. However, its 64-bit block size, can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There are also some cryptanalytic results on reduced-round versions (though no practical attacks). There seem to be no advantage to using it over more secure and more widely supported ciphers.

Support for CAST-128 cipher
Trigger The server supports the CAST-128 cipher.
Context

In SSH, CAST-128 is used with 128-bit keys. However, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There seem to be no advantage to using it over more secure and more widely supported ciphers.

A!
Borderline Compliance Warnings
SSH RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

TLS (port 443 – HTTP)

Scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_IDEA_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Certificate start date 2020-05-07 23:21:35 UTC
Certificate expiration date 2020-08-05 23:21:35 UTC
Certificate serial number 308417682906845878840634308810436560716310
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=docs.virtualmin.com
Certificate SANs
  • docs.virtualmin.com
  • doxfer.webmin.com
C
Weak cryptography
Support for RC4 cipher
Trigger The server supports a cipher suite containing the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

B
Warnings
Support for Triple DES cipher
Trigger The server supports a cipher suite containing the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Support for TLS 1.0
Trigger TLS 1.0 among the protocols offered by TLS server.
Context

TLS 1.0 is discouraged by PCI-DSS and has been considered non-compliant since June 2018 (PCI-DSS v3.2).

ftp.virtualmin.com

IP address 108.60.199.107
Last scan 2020-05-30 07:07:12 UTC

No service that could be analyzed detected on this machine.

software.virtualmin.com

IP address 149.28.242.101
Last scan 2020-05-30 07:07:12 UTC
TLS FTP (port 21)
Rules applicable 20
D
A
A!
B
C
D
F
17 3 1 1 1 0
SSH (port 22)
Rules applicable 9
C
A
A!
B
C
D
F
4 1 2 2 0 0
TLS HTTP (port 443)
Rules applicable 20
A!
A
A!
B
C
D
F
21 2 0 0 0 0

TLS (port 21 – FTP)

Scan details
Versions TLS 1.0, TLS 1.1, TLS 1.2
Fallback SCSV Supported
Ciphers
  • TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_DHE_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_IDEA_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_MD5 TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_RC4_128_SHA TLS 1.0, TLS 1.1, TLS 1.2
  • TLS_RSA_WITH_SEED_CBC_SHA TLS 1.0, TLS 1.1, TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.0, TLS 1.1, TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (Postfix 2048-bit): 0xf2ea0a012bb967db1d155744be940e859bdba474fb6be6442ab52ef8546703dbf32b7b869fa8241b0acb13fc1c59cc5c2cee7a98063dd648a8add2876584d6f0a62aeb8d7a6c0dc9aceb41c2266f7920171baa5af924a48370e7ea22b6acc69da3cb36cb531351840343c2ecaa760eac7bf9e757cfd2432aeeff5b574aebf746c5e783f9e1115d54a331f36afbea7e6012db1536c54a6d369ba1bdf06558dd082225495a6e9866162576eedb314f174ded6923fccc31ab67d8c2558f9c128538cf586b5a01d3b68bdf8685bc8b550b36b19f38e71d3331a12bf56db8853a44c2aa7c2e8e86664b31dfdf6b7229e63a064561a7976a044042b6f40449c46ed403
  • Generator: 0x5
Certificate start date 2018-07-27 06:18:54 UTC
Certificate expiration date 2018-08-26 06:18:54 UTC
Certificate serial number 10016193776172319625
Certificate issuer CN=software3.virtualmin.com ,O=Self-signed for software3.virtualmin.com ,L=NA,ST=NA,C=NA
Certificate subject CN=software3.virtualmin.com ,O=Self-signed for software3.virtualmin.com ,L=NA,ST=NA,C=NA
D
Broken cryptography
Certificate expiration
Trigger The expiration date of this certificate is 2018-08-26 06:18:54 UTC.
Context

Each certificate defines a validity period. Outside of this period, it is not valid. In particular, no revocation information will be kept about an expired certificate.

C
Weak cryptography
Support for RC4 cipher
Trigger The server supports a cipher suite containing the RC4 cipher.
Context

RC4 is a stream cipher in which significant weaknesses have been found. The use of this cipher in any protocol has been discouraged by ECRYPT as of 2014 (ECRYPT 2016 report).

In TLS, cipher suites using RC4 have been deprecated as of February 2015 (RFC 7465).

B
Warnings
Support for Triple DES cipher
Trigger The server supports a cipher suite containing the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Diffie-Hellman group security
Trigger The server uses a commonly-shared 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Support for TLS 1.0
Trigger TLS 1.0 among the protocols offered by TLS server.
Context

TLS 1.0 is discouraged by PCI-DSS and has been considered non-compliant since June 2018 (PCI-DSS v3.2).

SSH (port 22)

Scan details
Version string SSH-2.0-OpenSSH_7.4
Encryption algorithms
  • 3des-cbc
  • aes128-cbc
  • aes128-ctr
  • aes128-gcm@openssh.com
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • aes256-gcm@openssh.com
  • blowfish-cbc
  • cast128-cbc
  • chacha20-poly1305@openssh.com
Compression algorithms
  • none
  • zlib@openssh.com
MAC algorithms
  • hmac-sha1
  • hmac-sha1-etm@openssh.com
  • hmac-sha2-256
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-512
  • hmac-sha2-512-etm@openssh.com
  • umac-128-etm@openssh.com
  • umac-128@openssh.com
  • umac-64-etm@openssh.com
  • umac-64@openssh.com
Server host key algorithms
  • ecdsa-sha2-nistp256
  • rsa-sha2-256
  • rsa-sha2-512
  • ssh-ed25519
  • ssh-rsa
Key exchange algorithms
  • curve25519-sha256
  • curve25519-sha256@libssh.org
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
Server keys
ECDSA secp256r1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPk4PTMjmD6iGqSA0hRWBiAM6I8THGH1DhrFV3FtQcenA+hVldrCFrd+EHuUpdRZhbY49T3hyi8Dm/EzSzG6S2o=
Ed25519 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHx+fPwMNnu2ZYg4jbxeEqBB15faIf+Qc7lNNAcExUhj
RSA 2048-bit ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDqU1NHmBQNavlQnbAKMA4fgBHxY/87PDmQesVO7/p2AX5xBtHXRhMxFEPPmvoggLV2ixBrAn8YYUsgyOf73FObNS6u1pR11Oh96cUCXY8g5SJGYdXujdIYidAh7an2JYiJ1qsaILqnWHNfChVyscgJZdT9rCWhurQJZh7ZoI08MyomBvz6tfLi1Kamipgb3aazQtlJqbm1fVfh9G/ggV4gdFr66L/+BlFgautY7h81CzVP/D3pi6avzNQXYh4UxLdrY6jGK/IENFEq35CUOj2JAxO8FwvvnyGuPMwnQF9UTOiXjwIC/P4u4fPGgi2ZyWLTFTi5wQFfygtFLYkdpozd test this key
C
Weak cryptography
Diffie-Hellman group security
Trigger The server supports the "diffie-hellman-group1-sha1" algorithm.
Context

The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253).

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

Support for 3DES cipher
Trigger The server supports the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

In SSH, there seem to be no advantage to using 3DES over more secure and more supported ciphers.

B
Warnings
Support for Blowfish cipher
Trigger The server supports the Blowfish cipher.
Context

Blowfish is a block cipher with a 64-bit block size.

In SSH, Blowfish is used with 128-bit keys. However, its 64-bit block size, can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There are also some cryptanalytic results on reduced-round versions (though no practical attacks). There seem to be no advantage to using it over more secure and more widely supported ciphers.

Support for CAST-128 cipher
Trigger The server supports the CAST-128 cipher.
Context

In SSH, CAST-128 is used with 128-bit keys. However, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There seem to be no advantage to using it over more secure and more widely supported ciphers.

A!
Borderline Compliance Warnings
SSH RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

TLS (port 443 – HTTP)

Scan details
Versions TLS 1.2
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (2048-bit MODP from RFC 3526): 0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff
  • Generator: 0x2
Certificate start date 2020-04-22 18:26:29 UTC
Certificate expiration date 2020-07-21 18:26:29 UTC
Certificate serial number 393539398327015348730561862216210980864016
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=software2.virtualmin.com
Certificate SANs
  • software.virtualmin.com
  • software2.virtualmin.com
A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Diffie-Hellman group security
Trigger The server uses a commonly-shared 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

software2.virtualmin.com

IP address 163.172.162.254
Last scan 2020-05-30 07:07:13 UTC
SSH (port 22)
Rules applicable 9
C
A
A!
B
C
D
F
4 1 2 2 0 0
TLS HTTP (port 443)
Rules applicable 20
A!
A
A!
B
C
D
F
21 2 0 0 0 0

SSH (port 22)

Scan details
Version string SSH-2.0-OpenSSH_7.4
Encryption algorithms
  • 3des-cbc
  • aes128-cbc
  • aes128-ctr
  • aes128-gcm@openssh.com
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • aes256-gcm@openssh.com
  • blowfish-cbc
  • cast128-cbc
  • chacha20-poly1305@openssh.com
Compression algorithms
  • none
  • zlib@openssh.com
MAC algorithms
  • hmac-sha1
  • hmac-sha1-etm@openssh.com
  • hmac-sha2-256
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-512
  • hmac-sha2-512-etm@openssh.com
  • umac-128-etm@openssh.com
  • umac-128@openssh.com
  • umac-64-etm@openssh.com
  • umac-64@openssh.com
Server host key algorithms
  • ecdsa-sha2-nistp256
  • rsa-sha2-256
  • rsa-sha2-512
  • ssh-ed25519
  • ssh-rsa
Key exchange algorithms
  • curve25519-sha256
  • curve25519-sha256@libssh.org
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
Server keys
ECDSA secp256r1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPcnFNDS7MWZFFreFTk1Rz8B2Ye+5tRBO1jfwinMr+oMlaWAR/G1ESSroqeOuqqgv6B3Nh/roGy/oeAYPakEm+k=
Ed25519 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINDzX2RmhT0kwF80vf1pyjVh0qrPAXm1eYkbCmjhqHNN
RSA 2048-bit ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3sqondu425wrOD3R7Od7xeXKTEKGS3i7gBis7IHSBwrt5y0K3dn+0UOGawXRWNSCc/AecI173zCr5nFmEBDNpITnzx+nwO+wxg6piwa6urJ9mcXFL1ah2ZgBrvw9D7ffDF3mqJzTNoevaRIgyYsHEeE1EjHx7NNGNsgdFxn9STCL5Z0zOc3c0FDHFzQZ4mHZgd3uIJJkeFlU6PYd2xq8SfEmwgYR5Rl3F/9v4lnI4ekV4WRIyn7nh3FDjoDfMT7dqORkiyISsGuf0d+O6PHnpd/HzxRLxnKkCpKE3kNDiRtygT6AArs6Ezosu0MdVKGiH4g/Q3xVny01hVxKlTBOt test this key
C
Weak cryptography
Diffie-Hellman group security
Trigger The server supports the "diffie-hellman-group1-sha1" algorithm.
Context

The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253).

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

Support for 3DES cipher
Trigger The server supports the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

In SSH, there seem to be no advantage to using 3DES over more secure and more supported ciphers.

B
Warnings
Support for Blowfish cipher
Trigger The server supports the Blowfish cipher.
Context

Blowfish is a block cipher with a 64-bit block size.

In SSH, Blowfish is used with 128-bit keys. However, its 64-bit block size, can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There are also some cryptanalytic results on reduced-round versions (though no practical attacks). There seem to be no advantage to using it over more secure and more widely supported ciphers.

Support for CAST-128 cipher
Trigger The server supports the CAST-128 cipher.
Context

In SSH, CAST-128 is used with 128-bit keys. However, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There seem to be no advantage to using it over more secure and more widely supported ciphers.

A!
Borderline Compliance Warnings
SSH RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

TLS (port 443 – HTTP)

Scan details
Versions TLS 1.2
Ciphers
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.2
  • TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS 1.2
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA TLS 1.2
  • TLS_RSA_WITH_AES_128_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_128_GCM_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA TLS 1.2
  • TLS_RSA_WITH_AES_256_CBC_SHA256 TLS 1.2
  • TLS_RSA_WITH_AES_256_GCM_SHA384 TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS 1.2
  • TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS 1.2
Cipher order Client
Compression
  • NULL TLS 1.2
Certificate key RSA 2048-bit test this key
Hash algorithm SHA-256
Diffie-Hellman
  • Group (2048-bit MODP from RFC 3526): 0xffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff
  • Generator: 0x2
Certificate start date 2020-04-22 18:26:29 UTC
Certificate expiration date 2020-07-21 18:26:29 UTC
Certificate serial number 393539398327015348730561862216210980864016
Certificate issuer CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Certificate subject CN=software2.virtualmin.com
Certificate SANs
  • software.virtualmin.com
  • software2.virtualmin.com
A!
Borderline Compliance Warnings
Certificate RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.

Diffie-Hellman group security
Trigger The server uses a commonly-shared 2048-bit Diffie-Hellman group.
Context

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

srv1.virtualmin.com

IP address 108.60.199.106
Last scan 2020-05-30 07:07:13 UTC
SSH (port 22)
Rules applicable 9
C
A
A!
B
C
D
F
4 1 2 2 0 0

SSH (port 22)

Scan details
Version string SSH-2.0-OpenSSH_7.4
Encryption algorithms
  • 3des-cbc
  • aes128-cbc
  • aes128-ctr
  • aes128-gcm@openssh.com
  • aes192-cbc
  • aes192-ctr
  • aes256-cbc
  • aes256-ctr
  • aes256-gcm@openssh.com
  • blowfish-cbc
  • cast128-cbc
  • chacha20-poly1305@openssh.com
Compression algorithms
  • none
  • zlib@openssh.com
MAC algorithms
  • hmac-sha1
  • hmac-sha1-etm@openssh.com
  • hmac-sha2-256
  • hmac-sha2-256-etm@openssh.com
  • hmac-sha2-512
  • hmac-sha2-512-etm@openssh.com
  • umac-128-etm@openssh.com
  • umac-128@openssh.com
  • umac-64-etm@openssh.com
  • umac-64@openssh.com
Server host key algorithms
  • ecdsa-sha2-nistp256
  • rsa-sha2-256
  • rsa-sha2-512
  • ssh-ed25519
  • ssh-rsa
Key exchange algorithms
  • curve25519-sha256
  • curve25519-sha256@libssh.org
  • diffie-hellman-group-exchange-sha1
  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group1-sha1
  • diffie-hellman-group14-sha1
  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • ecdh-sha2-nistp256
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
Server keys
ECDSA secp256r1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDRrSW3n2qH1bSsXt7elR7SnRIRE6PlfNiNhwvhJrM2GW/V7cZJqViS5fo6BDCe4EcMNDjDlkCRp+F3qc/d/He4=
Ed25519 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExeORn8J+O+iNUt04t0MPsC5YSQNDKDB+zN++aXKh06
RSA 2048-bit ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC27TLNXe5BBUwJz8xUHnwYfkw4FLkWFBs9aUfwUepTiu4APN3SzCqryat54QFsT18weTnef21qsOLIenL8KRfABiZObJIJ8o/F888oMwwlmXspxqjzuOngz3RgU4r0SvtKQGIZjW4T7SBXAY49eFtNeb7GyEQJltrIeSYu6Q8Zv2zoYIu/xYE907iU1FokBL2e4x13PiaDd02TvnEN4LbTc5+K9SrN05eC5tQ/vbkHXajIvUO8RjIC3eGdQZs3qFLGOEtLiqOJfuCdxkGEq6iYeJz7XnoqJaLBVL6bWWTGYh3BjCitzGtSDsU0/VpWSl78CjN0JJhXPGR7c0dcZ+sH test this key
C
Weak cryptography
Diffie-Hellman group security
Trigger The server supports the "diffie-hellman-group1-sha1" algorithm.
Context

The "diffie-hellman-group1-sha1" key exchange algorithm uses the commonly-shared and 1024-bit Oakley Group 2 (RFC 4253).

For security, a 2048-bit group is reasonable although ECRYPT recommends a group size of at least 3072 bits (ECRYPT 2016 report). The use of commonly-shared 1024-bit groups such as Oakley group 2 is especially discouraged because of possible precomputation attacks (weakdh.org).

Diffie-Hellman is mainly used so that two machines can compute a shared secret and so benefit from forward secrecy.

Support for 3DES cipher
Trigger The server supports the 3DES cipher.
Context

Three-key-3DES is a cipher with 168-bit keys but an effective key length of 112 bits because of a meet-in-the-middle attack. This is considered enough only for legacy. Furthermore, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info).

In SSH, there seem to be no advantage to using 3DES over more secure and more supported ciphers.

B
Warnings
Support for Blowfish cipher
Trigger The server supports the Blowfish cipher.
Context

Blowfish is a block cipher with a 64-bit block size.

In SSH, Blowfish is used with 128-bit keys. However, its 64-bit block size, can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There are also some cryptanalytic results on reduced-round versions (though no practical attacks). There seem to be no advantage to using it over more secure and more widely supported ciphers.

Support for CAST-128 cipher
Trigger The server supports the CAST-128 cipher.
Context

In SSH, CAST-128 is used with 128-bit keys. However, it has a 64-bit block size, which can be insufficient for some applications, for example because of birthday attacks (sweet32.info). There seem to be no advantage to using it over more secure and more widely supported ciphers.

A!
Borderline Compliance Warnings
SSH RSA key length
Trigger The server uses a 2048-bit RSA key.
Context

RSA keys must be long enough to provide reasonable security against brute-force attack by factoring. While 2048-bit keys are fine today, a minimum of 3072-bit is recommended by ECRYPT for new systems.