Visualization of SSL Setting Status Such as the FQDN Mismatch

Abstract

In 2009, researchers released details of a vulnerability in the SSL and TLS protocols that could allow Man-in-the-Middle attacks to be carried out. IETF published countermeasures with unprecedented speed as RFC5746, however server-side implementations are not deployed because of problems in business such as the loss of opportunities and backward compatibilities. An efficient DOS attack tool using this vulnerability launched by hacker group. Also, an update that blocks RSA keys less than 1024 bits, which it is recognized should only be used by those understanding the risks involved distributed in August 2012. In November 2012, NISC published a concrete transitioning plan on government systems. Thus measures to be considered are present in the handling of SSL/TLS servers. We went crawling using SSLyze the status of measures above vulnerabilities. This paper also proposes visualization methods to understand the latest status and the statistics for geographical regions.