it-security-2-deep-thought/raw_scans/9_gcp_ubuntu_20.04/testssl-3.log

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 -t ftp localhost:21"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:07:28        -->> 127.0.0.1:21 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:21. [m
[1;35mFatal error: Can't connect to "127.0.0.1:21"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 --ssl-native localhost:21"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:07:30        -->> 127.0.0.1:21 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:21. [m
[1;35mFatal error: Can't connect to "127.0.0.1:21"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 -t smtp localhost:465"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:07:32        -->> 127.0.0.1:465 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:465. [m
[1;35mFatal error: Can't connect to "127.0.0.1:465"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 -t smtp localhost:587"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:07:34        -->> 127.0.0.1:587 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --
[0;35m Oops: STARTTLS handshake failed (code: 1)[m

[1;35mFatal error: repeated STARTTLS problems, giving up (1)[m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 --ssl-native localhost:465"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:07:37        -->> 127.0.0.1:465 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:465. [m
[1;35mFatal error: Can't connect to "127.0.0.1:465"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 --ssl-native localhost:587"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:07:39        -->> 127.0.0.1:587 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --

[1m 127.0.0.1:587 [m[1mdoesn't seem to be a TLS/SSL enabled server[m
[0;35m The results might look ok but they could be nonsense. Really proceed ? ("yes" to continue) --> [m Service detected:       Couldn't determine what's running on port 587, assuming no HTTP service => skipping all HTTP checks


[1m[4m Testing protocols [m[4mvia native openssl[m

[1m SSLv2      [m[1;32mnot offered (OK)[m
[1m SSLv3      [m[1;32mnot offered (OK)[m
[1m TLS 1      [mnot offered
[1m TLS 1.1    [mnot offered
[1m TLS 1.2    [m[0;33mnot offered[m
[1m TLS 1.3    [m[0;35mLocal problem: timeout --preserve-status 10 ./bin/openssl.Linux.x86_64 doesn't support "s_client -tls1_3"[m

[0;35mYou should not proceed as no protocol was detected. If you still really really want to, say "YES" --> [m[1m NPN/SPDY   [mnot offered
[1m ALPN/HTTP2 [mnot offered

[1m[4m Testing cipher categories [m

[1m NULL ciphers (no encryption)                      [m[1;32mnot offered (OK)[m
[1m Anonymous NULL Ciphers (no authentication)        [m[1;32mnot offered (OK)[m
[1m Export ciphers (w/o ADH+NULL)                     [m[1;32mnot offered (OK)[m
[1m LOW: 64 Bit + DES, RC[2,4], MD5 (w/o export)      [m[0;32mnot offered (OK)[m
[1m Triple DES Ciphers / IDEA                         [mnot offered
[1m Obsoleted CBC ciphers (AES, ARIA etc.)            [mnot offered
[1m Strong encryption (AEAD ciphers) with no FS       [mnot offered
[1m Forward Secrecy strong encryption (AEAD ciphers)  [m[0;33mnot offered[m


[1m[4m Testing server's cipher preferences [m

[1m Has server cipher order?     [m[0;35mHandshake error![m[0;31mno (NOT ok)[m
[1m Negotiated protocol          [m[1;32mTLSv1.2[m
[1m Negotiated cipher            [m[0;35mdefault cipher empty[m (Hint: if IIS6 give OpenSSL 1.0.1 a try) (limited sense as client will pick)
[1m Cipher per protocol[m

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (IANA/RFC)
-----------------------------------------------------------------------------------------------------------------------------
[4mSSLv2[m
 - 
[4mSSLv3[m
 - 
[4mTLSv1[m
 - 
[4mTLSv1.1[m
 - 
[4mTLSv1.2[m
 - 
[4mTLSv1.3[m
 - 


[1m[4m Testing robust forward secrecy (FS)[m[4m -- omitting Null Authentication/Encryption, 3DES, RC4 [m


[0;33m No ciphers supporting Forward Secrecy (FS) offered[m


[1m[4m Testing server defaults (Server Hello) [m

[1m TLS extensions (standard)    [m(none)
[1m Session Ticket RFC 5077 hint [mno -- no lifetime advertised
[1m SSL Session ID support       [myes
[1m Session Resumption           [mTickets no, [0;35mID resumption test failed[m
[1m TLS clock skew[m               SSLv3 through TLS 1.2 didn't return a timestamp

[1;35mClient problem, No server cerificate could be retrieved. Thus we can't continue with "server defaults".[m


[1m[4m Testing vulnerabilities [m

[1m Heartbleed[m (CVE-2014-0160)                [1;32mnot vulnerable (OK)[m, no heartbeat extension
[1m CCS[m (CVE-2014-0224)                       [1;32mnot vulnerable (OK)[m
[1m Ticketbleed[m (CVE-2016-9244), experiment.  --   (applicable only for HTTPS)
[1m ROBOT                                     [m[1;32mServer does not support any cipher suites that use RSA key transport[m
[1m Secure Renegotiation (RFC 5746)           [m[0;35mOpenSSL handshake didn't succeed[m
[1m Secure Client-Initiated Renegotiation     [m[0;32mnot vulnerable (OK)[m
[1m CRIME, TLS [m(CVE-2012-4929)                [0;35mtest failed (couldn't connect)[m
[1m POODLE, SSL[m (CVE-2014-3566)               [1;32mnot vulnerable (OK)[m, no SSLv3 support
[1m TLS_FALLBACK_SCSV[m (RFC 7507)              [0;35mtest failed (couldn't connect)[m
[1m SWEET32[m (CVE-2016-2183, CVE-2016-6329)    [1;32mnot vulnerable (OK)[m, 38/53 (SSLv2: 8/8) local ciphers
[1m FREAK[m (CVE-2015-0204)                     [0;35m Oops: openssl s_client connect problem[m
[1;32mnot vulnerable (OK)[m
[1m DROWN[m (CVE-2016-0800, CVE-2016-0703)      [1;32mnot vulnerable on this host and port (OK)[m
                                           no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
[1m LOGJAM[m (CVE-2015-4000), experimental      [0;32mnot vulnerable (OK):[m no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
[1m BEAST[m (CVE-2011-3389)                     [0;32mnot vulnerable (OK)[m, no SSL3 or TLS1
[1m LUCKY13[m (CVE-2013-0169), experimental     [1;32mnot vulnerable (OK)[m[0;35m, 123/154 local ciphers[m
[1m Winshock[m (CVE-2014-6321), experimental    [1;32mnot vulnerable (OK)[m - no HTTP or RDP
[1m RC4[m (CVE-2013-2566, CVE-2015-2808)        [0;32mno RC4 ciphers detected (OK)[m

Could not determine the protocol, only simulating generic clients.

[1m[4m Running client simulations [m[1m[4mvia openssl [m[0;35m -- pls note "--ssl-native" will return some false results[m

 Browser                      Protocol  Cipher Suite Name (OpenSSL)       Forward Secrecy
------------------------------------------------------------------------------------------------
 Android 4.4.2                No connection
 Android 5.0.0                No connection
 Android 6.0                  No connection
 Android 7.0 (native)         No connection
 Android 8.1 (native)         No connection
 Android 9.0 (native)         No connection
 Android 10.0 (native)        No connection
 Chrome 74 (Win 10)           No connection
 Chrome 79 (Win 10)           No connection
 Firefox 66 (Win 8.1/10)      No connection
 Firefox 71 (Win 10)          No connection
 IE 6 XP                      No connection
 IE 8 Win 7                   No connection
 IE 8 XP                      No connection
 IE 11 Win 7                  No connection
 IE 11 Win 8.1                No connection
 IE 11 Win Phone 8.1          No connection
 IE 11 Win 10                 No connection
 Edge 15 Win 10               No connection
 Edge 17 (Win 10)             No connection
 Opera 66 (Win 10)            No connection
 Safari 9 iOS 9               No connection
 Safari 9 OS X 10.11          No connection
 Safari 10 OS X 10.12         No connection
 Safari 12.1 (iOS 12.2)       No connection
 Safari 13.0 (macOS 10.14.6)  No connection
 Apple ATS 9 iOS 9            No connection
 Java 6u45                    No connection
 Java 7u25                    No connection
 Java 8u161                   No connection
 Java 11.0.2 (OpenJDK)        No connection
 Java 12.0.1 (OpenJDK)        No connection
 OpenSSL 1.0.2e               No connection
 OpenSSL 1.1.0l (Debian)      No connection
 OpenSSL 1.1.1d (Debian)      No connection
 Thunderbird (68.3)           No connection


[1m[4m Rating (experimental) [m

[1m Rating specs[m (not complete)  SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
[1m Specification documentation  [mhttps://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
[1m Protocol Support [m(weighted)  50 (15)
[1m Key Exchange [m    (weighted)  100 (30)
[1m Cipher Strength [m (weighted)  60 (24)
[1m Final Score                  [m69
[1m Overall Grade                [m[0;33mC[m
[1m Grade cap reasons            [mGrade capped to C. TLS 1.2 or TLS 1.3 are not offered
                              Grade capped to B. Forward Secrecy (FS) is not supported

[7m Done 2021-01-07 15:11:32 [ 235s] -->> 127.0.0.1:587 (localhost) <<--[m


## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 -t pop3 localhost:110"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:34        -->> 127.0.0.1:110 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:110. [m
[1;35mFatal error: Can't connect to "127.0.0.1:110"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 -t pop3 localhost:995"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:36        -->> 127.0.0.1:995 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:995. [m
[1;35mFatal error: Can't connect to "127.0.0.1:995"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 --ssl-native localhost:110"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:39        -->> 127.0.0.1:110 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:110. [m
[1;35mFatal error: Can't connect to "127.0.0.1:110"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 --ssl-native localhost:995"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:41        -->> 127.0.0.1:995 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:995. [m
[1;35mFatal error: Can't connect to "127.0.0.1:995"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 -t imap localhost:993"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:43        -->> 127.0.0.1:993 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:993. [m
[1;35mFatal error: Can't connect to "127.0.0.1:993"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 --ssl-native localhost:993"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:45        -->> 127.0.0.1:993 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:993. [m
[1;35mFatal error: Can't connect to "127.0.0.1:993"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 -t postgres localhost:5432"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:48        -->> 127.0.0.1:5432 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:5432. [m
[1;35mFatal error: Can't connect to "127.0.0.1:5432"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 --ssl-native localhost:5432"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:50        -->> 127.0.0.1:5432 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:5432. [m
[1;35mFatal error: Can't connect to "127.0.0.1:5432"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 -t mysql localhost:3306"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:52        -->> 127.0.0.1:3306 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:3306. [m
[1;35mFatal error: Can't connect to "127.0.0.1:3306"
Make sure a firewall is not between you and your scanning target![m

## Scan started as: "testssl.sh --logfile ../outputs/testssl-3.log --append --connect-timeout 10 --openssl-timeout 10 --ssl-native localhost:3306"
## at ubuntu-20:./bin/openssl.Linux.x86_64
## version testssl: 3.1dev 477bd13 from 2021-01-07
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019")

[7m Start 2021-01-07 15:11:54        -->> 127.0.0.1:3306 (localhost) <<--[m

 A record via:           /etc/hosts 
 rDNS (127.0.0.1):       --[0;35m Oops: TCP connect problem[m

[0;35mUnable to open a socket to 127.0.0.1:3306. [m
[1;35mFatal error: Can't connect to "127.0.0.1:3306"
Make sure a firewall is not between you and your scanning target![m