I have the follow alarm from from security department.
I have executed the follow commands and obtained these results.
What does these results mean?
Thanks for your help
We keep in mind!
In reviewing your images, the presence of "SSL23_WRITE:ssl handshake failure" following your CONNECTED confirmation, indicates a probable false positive. Is Q38142 reporting as a confirmed or potential vuln?
If the result is an SSL handshake error similar to the example below, the host is not vulnerable:
9216:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226:
depending on the service, you may need to use a different option with the openssl s_client.
For example, when connecting to a SMTP server, the following command is used:
openssl s_client -state -starttls smtp -connect IP:PORT -cipher aNULL
Support can run a manual test on this if the IP is public. Please feel free to send me a private message with the IP or open a support ticket (email@example.com or 1-866-801-6161)
Thanks for your answer. We only can try in these two services (http y https).
my question is "our syntaxs about open ssl just over (two pictures)............ are there right?"
Your command looks correct but without knowing more about the host I can't say if it is a 100% accurate manual test.
Retrieving data ...