Friday October 24, 2008 Meena Vyas
All
|
DTrace Web Server 7.0
|
ACLs Web Server 7.0
|
General Web Server 7.0
|
HttpCompression Web Server 7.0
|
Intrusion Detection Web Server 7.0
|
Open Web Server
|
Reference Deployments of Web Server 7.0
|
Reverse Proxy Web Server 7.0
|
Security Web Server 7.0
|
Troubleshooting Web Server 7.0
|
WebDAV Web Server 7.0
Friday October 24, 2008 DTrace script to collect information about cipher suites used
DTrace script to collect information about cipher suites used
Here is a script I have to trace SSL calls. Running this script on a Web Server instance (32 bit ) pid lets say in our case is 9149. Sending some SSL requests on to this server :
There are two ways to run this log=normal and log=verbose. Pressing control C returns the statistical data.
$./ssltop.d 9149 log=normalt@26: 2008 Oct 30 16:50:56: 129.158.224.109 Connection createdt@26: 2008 Oct 30 16:50:56: ListenSocket::accept calledt@30: 2008 Oct 30 16:50:56: 129.158.224.109 Negotiated cipher RC4t@33: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@26: 2008 Oct 30 16:51:06: 129.158.224.109 Connection createdt@26: 2008 Oct 30 16:51:06: ListenSocket::accept calledt@33: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@33: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@33: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@33: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@33: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256t@30: 2008 Oct 30 16:51:06: 129.158.224.109 Negotiated cipher AES-256^CSSL Functions Called--------------------count FunctionSSL Ciphers used--------------------count cipher suite1 RC413 AES-256
Posted by meena ( Oct 24 2008, 03:24:39 PM IST ) Permalink Comments [1]Running in verbose mode gives more information :
$./ssltop.d 9149 log=verboset@32: 2008 Oct 30 16:50:13: Entered ssl3_GatherAppDataRecord ...t@32: 2008 Oct 30 16:50:13: Entered ssl3_GatherCompleteHandshake ...t@32: 2008 Oct 30 16:50:13: Entered ssl3_GatherData ...t@35: 2008 Oct 30 16:50:13: Entered ssl3_GatherAppDataRecord ...t@35: 2008 Oct 30 16:50:13: Entered ssl3_GatherCompleteHandshake ...t@35: 2008 Oct 30 16:50:13: Entered ssl3_GatherData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_HandleRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendApplicationData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_CompressMACEncryptRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendApplicationData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_CompressMACEncryptRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherAppDataRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherCompleteHandshake ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherData ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_HandleRecord ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@35: 2008 Oct 30 16:50:14: 129.158.224.109 Negotiated cipher AES-256t@35: 2008 Oct 30 16:50:14: Entered ssl3_SendApplicationData ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_SendRecord ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_CompressMACEncryptRecord ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_GatherAppDataRecord ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_GatherCompleteHandshake ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_GatherData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_HandleRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendApplicationData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_CompressMACEncryptRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherAppDataRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherCompleteHandshake ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_HandleRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendApplicationData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_CompressMACEncryptRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherAppDataRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherCompleteHandshake ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_HandleRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendApplicationData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_CompressMACEncryptRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherAppDataRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherCompleteHandshake ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherData ......t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: 129.158.224.109 Negotiated cipher AES-256t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendApplicationData ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_SendRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_CompressMACEncryptRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherAppDataRecord ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherCompleteHandshake ...t@32: 2008 Oct 30 16:50:14: Entered ssl3_GatherData ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_HandleRecord ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@35: 2008 Oct 30 16:50:14: 129.158.224.109 Negotiated cipher AES-256t@35: 2008 Oct 30 16:50:14: Entered ssl3_SendApplicationData ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_SendRecord ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_ClientAuthTokenPresent ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_CompressMACEncryptRecord ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_ComputeRecordMAC ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_BumpSequenceNumber ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_GatherAppDataRecord ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_GatherCompleteHandshake ...t@35: 2008 Oct 30 16:50:14: Entered ssl3_GatherData ...^CSSL Functions Called--------------------count Function13 ssl3_HandleRecord15 ssl3_CompressMACEncryptRecord15 ssl3_GatherAppDataRecord15 ssl3_GatherCompleteHandshake15 ssl3_GatherData15 ssl3_SendApplicationData15 ssl3_SendRecord28 ssl3_BumpSequenceNumber28 ssl3_ClientAuthTokenPresent28 ssl3_ComputeRecordMACSSL Ciphers used--------------------count cipher suite13 AES-256
Trackback URL: http://blogs.sun.com/meena/entry/dtarce_script_to_collect_information
Post a Comment:
This blog copyright 2009 by meena
This'll be useful for some of the cipher suite usage questions, cool.
Posted by Jyri on October 24, 2008 at 08:11 PM IST #