/ SSL

SSL/TLS: FREAK vulnerability and a Nagios check for that!

TL;DR

Today a new SSL/TLS vulnerability has been made public which uses the old EXPORT ciphers to drive MITM (Man-in-the-middle) Attacks.

Detailed information?

You can find much more detailed information about that vulnerability at Matthew D. Green's Blog and at Akamai.

The check for all of you!

I've tested all my private and business machines which are not vulnerable and made a nagios-compatible check for that. You can run it with Nagios or Icinga to check multiple services at once or use the check on the command-line to check them once.

You can find the check as a Github Gist here. If have any problems or enhancements, let me know!