The Un-Official Proxomitron Forum / Forum Related / Proxomitron Program v / Adapting proxo 4.5 to the latest OpenSSL DLLs


Post Reply 
Adapting proxo 4.5 to the latest OpenSSL DLLs
Nov. 01, 2014, 06:22 PM
Post: #8
JJoe Offline
Administrator
*******
 		Posts: 1,640
Joined: Oct 2005
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
(Nov. 01, 2014 05:02 AM)ProxRocks Wrote:  what advantages are there, if any, to patching to use the latest OpenSSL?

Latest OpenSSL is "TLSv1.2" while Proxo's old is TLSv1 or older.
Some advantages are quality and quantity of ciphers, Proxomitron's traffic may be less odd, and ability to access more sites.

More info at
https://www.howsmyssl.com/
https://www.howsmyssl.com/s/about.html .

Patching will not gain best practice security, however. Some old problems remain. So be aware regardless.

Before:
Code:
From: https://cc.dcsec.uni-hannover.de/
Cipher Suites Supported by Your Browser (ordered by preference):

SpecCipher Suite NameKey SizeDescription
(00,39)DHE-RSA-AES256-SHA256 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,38)DHE-DSS-AES256-SHA256 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,35)RSA-AES256-SHA256 BitKey exchange: RSA, encryption: AES, MAC: SHA1.
(00,16)DHE-RSA-3DES-EDE-SHA168 BitKey exchange: DH, encryption: 3DES, MAC: SHA1.
(00,13)DHE-DSS-3DES-EDE-SHA168 BitKey exchange: DH, encryption: 3DES, MAC: SHA1.
(00,0a)RSA-3DES-EDE-SHA168 BitKey exchange: RSA, encryption: 3DES, MAC: SHA1.
(07,00c0)DES192-EDE3-MD5168 BitKey exchange: Data Encryption Standard (DES), encryption algorithm is unknown, MAC: MD5.
(00,33)DHE-RSA-AES128-SHA128 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,32)DHE-DSS-AES128-SHA128 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,2f)RSA-AES128-SHA128 BitKey exchange: RSA, encryption: AES, MAC: SHA1.
(00,07)RSA-IDEA-SHA128 BitKey exchange: RSA, encryption: IDEA, MAC: SHA1.
(05,0080)IDEA128-MD5128 BitKey exchange: IDEA, encryption algorithm is unknown, MAC: MD5.
(03,0080)RC2128-MD5128 BitKey exchange: RC2, encryption algorithm is unknown, MAC: MD5.
(00,66)DHE-DSS-RC4128-SHA128 BitKey exchange: DH, encryption: RC4, MAC: SHA1.
(00,05)RSA-RC4128-SHA128 BitKey exchange: RSA, encryption: RC4, MAC: SHA1.
(00,04)RSA-RC4128-MD5128 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(01,0080)RC4128-MD5128 BitKey exchange: RC4, encryption algorithm is unknown, MAC: MD5.
(08,0080)RC464-MD564 BitKey exchange: RC4, encryption algorithm is unknown, MAC: MD5.
(00,63)DHE-DSS-EXPORT1024-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,62)RSA-EXPORT1024-DES-SHA56 BitKey exchange: RSA, encryption: DES, MAC: SHA1.
(00,61)RSA-EXPORT1024-RC2-CBC56-MD556 BitKey exchange: RSA, encryption: RC2, MAC: MD5.
(00,15)DHE-RSA-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,12)DHE-DSS-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,09)RSA-DES-SHA56 BitKey exchange: RSA, encryption: DES, MAC: SHA1.
(06,0040)DES64-MD556 BitKey exchange: Data Encryption Standard (DES), encryption algorithm is unknown, MAC: MD5.
(00,65)DHE-DSS-EXPORT1024-RC456-SHA56 BitKey exchange: DH, encryption: RC4, MAC: SHA1.
(00,64)RSA-EXPORT1024-RC456-SHA56 BitKey exchange: RSA, encryption: RC4, MAC: SHA1.
(00,60)RSA-EXPORT1024-RC456-MD556 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(00,14)DHE-RSA-EXPORT-DES40-SHA40 BitKey exchange: DH, encryption: DES40, MAC: SHA1.
(00,11)DHE-DSS-EXPORT-DES40-SHA40 BitKey exchange: DH, encryption: DES40, MAC: SHA1.
(00,08)RSA-EXPORT-DES40-SHA40 BitKey exchange: RSA, encryption: DES40, MAC: SHA1.
(00,06)RSA-EXPORT-RC2-CBC40-MD540 BitKey exchange: RSA, encryption: RC2, MAC: MD5.
(04,0080)RC2128-EXPORT40-MD540 BitKey exchange: RC2, encryption algorithm is unknown, MAC: MD5.
(00,03)RSA-EXPORT-RC440-MD540 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(02,0080)RC4128-EXPORT40-MD540 BitKey exchange: RC4, encryption algorithm is unknown, MAC: MD5.

Further information:

User-Agent:???
Preferred SSL/TLS version: TLSv1
SNI information: Your browser did not send SNI information.
SSL stack current time: The TLS stack of your browser did not send a time value.

This connection uses TLSv1 with DHE-RSA-AES256-SHA and a 256 Bit key for encryption.

Raw:

Version: 3.1
Ciphers: 39,38,35,16,13,0a,0700c0,33,32,2f,07,050080,030080,66,05,04,010080,080080,63,62,61,15,12,09,060040,65,64,60,14,11,08,06,040080,03,020080
Extensions: The TLS stack of your browser did not send extensions.
Remote Time: The TLS stack of your browser did not send a time value.

This service is provided by the DCSEC research group at Leibniz University Hannover. Imprint
If you have any comments or questions please contact Sascha Fahl

After:
Code:
From: https://cc.dcsec.uni-hannover.de/
Cipher Suites Supported by Your Browser (ordered by preference):

SpecCipher Suite NameKey SizeDescription
(c0,30)ECDHE-RSA-AES256-GCM-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,2c)ECDHE-ECDSA-AES256-GCM-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,28)ECDHE-RSA-AES256-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,24)ECDHE-ECDSA-AES256-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,14)ECDHE-RSA-AES256-SHA256 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,0a)ECDHE-ECDSA-AES256-SHA256 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(00,a3)DHE-DSS-AES256-GCM-SHA384256 BitKey exchange: DH, encryption: AES, MAC: SHA384.
(00,9f)DHE-RSA-AES256-GCM-SHA384256 BitKey exchange: DH, encryption: AES, MAC: SHA384.
(00,6b)DHE-RSA-AES256-SHA256256 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,6a)DHE-DSS-AES256-SHA256256 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,39)DHE-RSA-AES256-SHA256 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,38)DHE-DSS-AES256-SHA256 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,88)DHE-RSA-CAMELLIA256-SHA256 BitKey exchange: DH, encryption: Camellia, MAC: SHA1.
(00,87)DHE-DSS-CAMELLIA256-SHA256 BitKey exchange: DH, encryption: Camellia, MAC: SHA1.
(c0,32)ECDH-RSA-AES256-GCM-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,2e)ECDH-ECDSA-AES256-GCM-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,2a)ECDH-RSA-AES256-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,26)ECDH-ECDSA-AES256-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,0f)ECDH-RSA-AES256-SHA256 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,05)ECDH-ECDSA-AES256-SHA256 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(00,9d)RSA-AES256-GCM-SHA384256 BitKey exchange: RSA, encryption: AES, MAC: SHA384.
(00,3d)DH-RSA-MISTY1-SHA128 BitKey exchange: DH, encryption: MISTY1, MAC: SHA1.
(00,35)RSA-AES256-SHA256 BitKey exchange: RSA, encryption: AES, MAC: SHA1.
(00,84)RSA-CAMELLIA256-SHA256 BitKey exchange: RSA, encryption: Camellia, MAC: SHA1.
(c0,2f)ECDHE-RSA-AES128-GCM-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,2b)ECDHE-ECDSA-AES128-GCM-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,27)ECDHE-RSA-AES128-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,23)ECDHE-ECDSA-AES128-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,13)ECDHE-RSA-AES128-SHA128 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,09)ECDHE-ECDSA-AES128-SHA128 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(00,a2)DHE-DSS-AES128-GCM-SHA256128 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,9e)DHE-RSA-AES128-GCM-SHA256128 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,67)DHE-RSA-AES128-SHA256128 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,40)DH-ANON-MISTY1-SHA128 BitKey exchange: DH, encryption: MISTY1, MAC: SHA1.
(00,33)DHE-RSA-AES128-SHA128 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,32)DHE-DSS-AES128-SHA128 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,9a)DHE-RSA-SEED-SHA128 BitKey exchange: DH, encryption: seed, MAC: SHA1.
(00,99)DHE-DSS-SEED-SHA128 BitKey exchange: DH, encryption: seed, MAC: SHA1.
(00,45)DHE-RSA-CAMELLIA128-SHA128 BitKey exchange: DH, encryption: Camellia, MAC: SHA1.
(00,44)DHE-DSS-CAMELLIA128-SHA128 BitKey exchange: DH, encryption: Camellia, MAC: SHA1.
(c0,31)ECDH-RSA-AES128-GCM-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,2d)ECDH-ECDSA-AES128-GCM-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,29)ECDH-RSA-AES128-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,25)ECDH-ECDSA-AES128-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,0e)ECDH-RSA-AES128-SHA128 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,04)ECDH-ECDSA-AES128-SHA128 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(00,9c)RSA-AES128-GCM-SHA256128 BitKey exchange: RSA, encryption: AES, MAC: SHA256.
(00,3c)DH-DSS-MISTY1-SHA128 BitKey exchange: DH, encryption: MISTY1, MAC: SHA1.
(00,2f)RSA-AES128-SHA128 BitKey exchange: RSA, encryption: AES, MAC: SHA1.
(00,96)RSA-SEED-SHA128 BitKey exchange: RSA, encryption: seed, MAC: SHA1.
(00,41)RSA-CAMELLIA128-SHA128 BitKey exchange: RSA, encryption: Camellia, MAC: SHA1.
(00,07)RSA-IDEA-SHA128 BitKey exchange: RSA, encryption: IDEA, MAC: SHA1.
(c0,11)ECDHE-RSA-RC4128-SHA128 BitKey exchange: ECDH, encryption: RC4, MAC: SHA1.
(c0,07)ECDHE-ECDSA-RC4128-SHA128 BitKey exchange: ECDH, encryption: RC4, MAC: SHA1.
(c0,0c)ECDH-RSA-RC4128-SHA128 BitKey exchange: ECDH, encryption: RC4, MAC: SHA1.
(c0,02)ECDH-ECDSA-RC4128-SHA128 BitKey exchange: ECDH, encryption: RC4, MAC: SHA1.
(00,05)RSA-RC4128-SHA128 BitKey exchange: RSA, encryption: RC4, MAC: SHA1.
(00,04)RSA-RC4128-MD5128 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(c0,12)ECDHE-RSA-3DES-EDE-SHA168 BitKey exchange: ECDH, encryption: 3DES, MAC: SHA1.
(c0,08)ECDHE-ECDSA-3DES-EDE-SHA168 BitKey exchange: ECDH, encryption: 3DES, MAC: SHA1.
(00,16)DHE-RSA-3DES-EDE-SHA168 BitKey exchange: DH, encryption: 3DES, MAC: SHA1.
(00,13)DHE-DSS-3DES-EDE-SHA168 BitKey exchange: DH, encryption: 3DES, MAC: SHA1.
(c0,0d)ECDH-RSA-3DES-EDE-SHA168 BitKey exchange: ECDH, encryption: 3DES, MAC: SHA1.
(c0,03)ECDH-ECDSA-3DES-EDE-SHA168 BitKey exchange: ECDH, encryption: 3DES, MAC: SHA1.
(00,0a)RSA-3DES-EDE-SHA168 BitKey exchange: RSA, encryption: 3DES, MAC: SHA1.
(00,15)DHE-RSA-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,12)DHE-DSS-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,09)RSA-DES-SHA56 BitKey exchange: RSA, encryption: DES, MAC: SHA1.
(00,14)DHE-RSA-EXPORT-DES40-SHA40 BitKey exchange: DH, encryption: DES40, MAC: SHA1.
(00,11)DHE-DSS-EXPORT-DES40-SHA40 BitKey exchange: DH, encryption: DES40, MAC: SHA1.
(00,08)RSA-EXPORT-DES40-SHA40 BitKey exchange: RSA, encryption: DES40, MAC: SHA1.
(00,06)RSA-EXPORT-RC2-CBC40-MD540 BitKey exchange: RSA, encryption: RC2, MAC: MD5.
(00,03)RSA-EXPORT-RC440-MD540 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(00,ff)EMPTY-RENEGOTIATION-INFO-SCSV0 BitUsed for secure renegotation.

Further information:

User-Agent:???
Preferred SSL/TLS version: TLSv1
SNI information: Your browser did not send SNI information.
SSL stack current time: The TLS stack of your browser did not send a time value.

This connection uses TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384 and a 256 Bit key for encryption.

Raw:

Version: 3.1
Ciphers: c030,c02c,c028,c024,c014,c00a,a3,9f,6b,6a,39,38,88,87,c032,c02e,c02a,c026,c00f,c005,9d,3d,35,84,c02f,c02b,c027,c023,c013,c009,a2,9e,67,40,33,32,9a,99,45,44,c031,c02d,c029,c025,c00e,c004,9c,3c,2f,96,41,07,c011,c007,c00c,c002,05,04,c012,c008,16,13,c00d,c003,0a,15,12,09,14,11,08,06,03,ff
Extensions: 000b,000a,0023,000d,000f
Remote Time: The TLS stack of your browser did not send a time value.

This service is provided by the DCSEC research group at Leibniz University Hannover. Imprint
If you have any comments or questions please contact Sascha Fahl
Add Thank You Quote this message in a reply
Post Reply 


Messages In This Thread
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs - JJoe - Nov. 01, 2014 06:22 PM

Forum Jump:


Contact Us | The Un-Official Proxomitron Site | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication