Jump to content

nanobot

Sophist Member
  • Content Count

    1,450
  • Joined

  • Last visited

  • Speed Test

    My Results
  • Days Won

    45

Reputation Activity

  1. Like
    nanobot got a reaction from CA3LE in New macOS Update gets Favicon support in Safari after over a decade of lacking it   
    @CA3LE It only took Apple well over a decade, but Safari finally has Favicon support with the new macOS Mojave / Safari 12 update...
     

     
    Thanks,
    nanobot
  2. Thanks
    nanobot got a reaction from CA3LE in Why is TestMy.net not showing up in Google?   
    Have you looked at the Google Search Console?
     
    https://www.google.com/webmasters/tools/
     
    It usually has good information as to why pages aren't indexed, or are prioritized lower than others.
     
    Thanks,
    EBrown
  3. Like
    nanobot got a reaction from C0RR0SIVE in No longer detecting my provider?   
    Regarding the IP thing: @CA3LE if I recall correctly, the SQUID proxy they mention utilizes the `X-Forwarded-For` header, are you perhaps checking that as well?
     
    I know I had a similar issue with an Enterprise software application that was logging IP addresses, so I began logging the TCP/IP address and the X-Forwarded-For, as I was getting bizarre results similarly to what you are getting here.
     
    I know, for a fact, that the 224.0.0.0/4 address space is Class-D (multicast) so no user should actually have that address, and 240.0.0.0/4 should be Class-E, and that's usually experimental / R&D.
     
    Arin is being slow so while I'm looking into these additional details:
     
    @C0RR0SIVE: The 250.x.x.x address is part of the experimental space, AFAIK (unless any new RFC's are out) it's used by R&D and for experimental use only.
     
    So Arin finally loaded, and I'll give you guys the public URL: https://whois.arin.net/rest/net/NET-240-0-0-0-0/
     
    As I thought, this is still in the "special use" range, which should be mostly non-routed (though I don't think there are any bars against routing these addresses, it's just not common).
     
    Thanks,
    EBrown
  4. Like
    nanobot got a reaction from Sean in RC4, error growing   
    So I started nmap up, ran some scans (I'm sure @CA3LE won't mind me running some penetration tests against his server) on the SSL ports, and I couldn't find RC4 on the list of ciphers, at all, but then I did on an SMTPS (465) port, but you shouldn't be affected by that.
     
    So I got curious, and researched further, and you said it happens about every 10th website, so I have a few follow up questions:
     
    1. Are you using Wireless?
       a. If so, are you using WEP? Apparently RC4 was used in the WEP security standard (which has been an insecurity standard for years now).
    2. Are you certain there is no MITM attack against you?
     
    For those interested, here's the result of my nmap scan:
     
    Elliotts-iMac:~ elliottbrown$ nmap --script ssl-cert,ssl-enum-ciphers -p 443,465,993,995 www.testmy.net Starting Nmap 7.50 ( https://nmap.org ) at 2017-07-20 18:29 EDT Nmap scan report for www.testmy.net (64.111.22.10) Host is up (0.088s latency). rDNS record for 64.111.22.10: testmy.net PORT STATE SERVICE 443/tcp open https | ssl-cert: Subject: commonName=testmy.net | Subject Alternative Name: DNS:testmy.net | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2017-07-06T06:00:00 | Not valid after: 2017-10-04T06:00:00 | MD5: 415f 2e2b ee78 0642 6813 4e47 743b 9831 |_SHA-1: ecac a111 d818 d982 1039 acea 2fe4 9b6c c975 ca43 | ssl-enum-ciphers: | TLSv1.0: | ciphers: | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: server | TLSv1.1: | ciphers: | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: server | TLSv1.2: | ciphers: | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: server |_ least strength: A 465/tcp open smtps | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2016-05-03T21:11:36 | Not valid after: 2017-05-03T21:11:36 | MD5: a6bd 9cdc 510e 115e 98b5 bca2 ff64 1af8 |_SHA-1: 47a4 68dd ce19 fa99 e4d2 b60e 94a5 0599 217d c1f9 | ssl-enum-ciphers: | SSLv3: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA - F | TLS_DH_anon_WITH_AES_128_CBC_SHA - F | TLS_DH_anon_WITH_AES_256_CBC_SHA - F | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA - F | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA - F | TLS_DH_anon_WITH_RC4_128_MD5 - F | TLS_DH_anon_WITH_SEED_CBC_SHA - F | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA - F | TLS_ECDH_anon_WITH_AES_128_CBC_SHA - F | TLS_ECDH_anon_WITH_AES_256_CBC_SHA - F | TLS_ECDH_anon_WITH_RC4_128_SHA - F | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C | TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | 64-bit block cipher IDEA vulnerable to SWEET32 attack | Broken cipher RC4 is deprecated by RFC 7465 | CBC-mode cipher in SSLv3 (CVE-2014-3566) | Ciphersuite uses MD5 for message integrity | Key exchange (dh 1024) of lower strength than certificate key | TLSv1.0: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA - F | TLS_DH_anon_WITH_AES_128_CBC_SHA - F | TLS_DH_anon_WITH_AES_256_CBC_SHA - F | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA - F | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA - F | TLS_DH_anon_WITH_RC4_128_MD5 - F | TLS_DH_anon_WITH_SEED_CBC_SHA - F | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA - F | TLS_ECDH_anon_WITH_AES_128_CBC_SHA - F | TLS_ECDH_anon_WITH_AES_256_CBC_SHA - F | TLS_ECDH_anon_WITH_RC4_128_SHA - F | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C | TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | 64-bit block cipher IDEA vulnerable to SWEET32 attack | Broken cipher RC4 is deprecated by RFC 7465 | Ciphersuite uses MD5 for message integrity | Key exchange (dh 1024) of lower strength than certificate key | TLSv1.1: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA - F | TLS_DH_anon_WITH_AES_128_CBC_SHA - F | TLS_DH_anon_WITH_AES_256_CBC_SHA - F | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA - F | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA - F | TLS_DH_anon_WITH_RC4_128_MD5 - F | TLS_DH_anon_WITH_SEED_CBC_SHA - F | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA - F | TLS_ECDH_anon_WITH_AES_128_CBC_SHA - F | TLS_ECDH_anon_WITH_AES_256_CBC_SHA - F | TLS_ECDH_anon_WITH_RC4_128_SHA - F | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C | TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | 64-bit block cipher IDEA vulnerable to SWEET32 attack | Broken cipher RC4 is deprecated by RFC 7465 | Ciphersuite uses MD5 for message integrity | Key exchange (dh 1024) of lower strength than certificate key | TLSv1.2: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 1024) - A | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA - F | TLS_DH_anon_WITH_AES_128_CBC_SHA - F | TLS_DH_anon_WITH_AES_128_CBC_SHA256 - F | TLS_DH_anon_WITH_AES_128_GCM_SHA256 - F | TLS_DH_anon_WITH_AES_256_CBC_SHA - F | TLS_DH_anon_WITH_AES_256_CBC_SHA256 - F | TLS_DH_anon_WITH_AES_256_GCM_SHA384 - F | TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA - F | TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA - F | TLS_DH_anon_WITH_RC4_128_MD5 - F | TLS_DH_anon_WITH_SEED_CBC_SHA - F | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A | TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C | TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA - F | TLS_ECDH_anon_WITH_AES_128_CBC_SHA - F | TLS_ECDH_anon_WITH_AES_256_CBC_SHA - F | TLS_ECDH_anon_WITH_RC4_128_SHA - F | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_IDEA_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C | TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | 64-bit block cipher IDEA vulnerable to SWEET32 attack | Broken cipher RC4 is deprecated by RFC 7465 | Ciphersuite uses MD5 for message integrity | Key exchange (dh 1024) of lower strength than certificate key |_ least strength: F 993/tcp open imaps | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2016-05-03T21:11:36 | Not valid after: 2017-05-03T21:11:36 | MD5: a6bd 9cdc 510e 115e 98b5 bca2 ff64 1af8 |_SHA-1: 47a4 68dd ce19 fa99 e4d2 b60e 94a5 0599 217d c1f9 | ssl-enum-ciphers: | TLSv1.0: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | Key exchange (dh 1024) of lower strength than certificate key | TLSv1.1: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | Key exchange (dh 1024) of lower strength than certificate key | TLSv1.2: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | Key exchange (dh 1024) of lower strength than certificate key |_ least strength: D 995/tcp open pop3s | ssl-cert: Subject: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US | Issuer: commonName=Plesk/organizationName=Odin/stateOrProvinceName=Washington/countryName=US | Public Key type: rsa | Public Key bits: 2048 | Signature Algorithm: sha256WithRSAEncryption | Not valid before: 2016-05-03T21:11:36 | Not valid after: 2017-05-03T21:11:36 | MD5: a6bd 9cdc 510e 115e 98b5 bca2 ff64 1af8 |_SHA-1: 47a4 68dd ce19 fa99 e4d2 b60e 94a5 0599 217d c1f9 | ssl-enum-ciphers: | TLSv1.0: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | Key exchange (dh 1024) of lower strength than certificate key | TLSv1.1: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | Key exchange (dh 1024) of lower strength than certificate key | TLSv1.2: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 1024) - D | TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 1024) - A | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 1024) - A | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 1024) - A | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A | TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A | compressors: | NULL | cipher preference: client | warnings: | 64-bit block cipher 3DES vulnerable to SWEET32 attack | Key exchange (dh 1024) of lower strength than certificate key |_ least strength: D Nmap done: 1 IP address (1 host up) scanned in 27.86 seconds Elliotts-iMac:~ elliottbrown$  
    The letter after the cipher is a letter from A-F, indicating grade of the cipher (A being best, F being worst), you'll notice there are a few RC4 ciphers under the 465, 993 and 995 ports (graded F appropriately), but all of the TLS ciphers are grade A.
     
    The lowest cipher strength (according to nmap) on https://www.testmy.net/ is a grade A, so Chrome should definitely not be flagging this site. (In fact, based on this information, testmy.net would refuse an RC4 cipher connection, period.)
     
    You definitely have a different issue going on, and I'm curious as to what that is.
     
    Thanks,
    EBrown
  5. Like
    nanobot got a reaction from Sean in Testmy.net member EBrown is interviewed by the BBC   
    Hah, forgot to post this here. Yeah, they asked me about it on Twitter a week or so ago.
     
    It's an interesting topic, we're discussing things that should never have to be worried about, no one should fear that their ISP can censor what they can see based on the ISP's own political motives. (Hell, just look at the Comcast v. Netflix issue from a couple years ago: Netflix traffic was throttled to unbelievable slow speeds as a result of Comcast wanting to extort them for money.)
     
    Personally, I am anti-government regulation, but in this case it's a necessity.
     
    One of the arguments I have recently heard in favor of revocation of the net–neutrality law was:
     
     
    This is a false premise, if the ISP's customers want traffic from that source, the ISP should not be throttling it in either direction. If your customers want to watch Netflix all day, you don't get to make additional profit off of that. The customer already pays for a broadband connection, it is the ISP's job to deliver that broadband service in an unbiased manner.
     
    Thanks,
    EBrown
  6. Like
    nanobot got a reaction from CA3LE in Gigabit Network Speeds (Full Duplex)   
    Well with a switch between them, it got up to about 1.1Gbps, which is statistically irrelevant. Without the switch (crossover) it got up to 1.5Gbps.
    I think the bottleneck was HDD transfer speed.

    And I'm not at all surprised by my results - Full-Duplex should always be capable of this.

    Thanks,
    EBrown
  7. Like
    nanobot got a reaction from CA3LE in iPad App or Suggestion?   
    This site has no such app, you can use the browser on any smart-mobile for it though. Chrome, Safari, Firefox, Opera. All of them work.
     
    Thanks,
    EBrown
  8. Like
    nanobot got a reaction from mudmanc4 in Am I using your test too often?   
    I foresaw this problem with a project for work, as I was using Base64 encoding on them.

    So, I wrote my own Base32 implementation pattern:


    Public Shared Function ToBase32String(ByVal Bytes As Byte()) As String Dim Arr As String = "0123456789bcdfhjkmnpqrtvxyDFGHJLMNPQRTVXY" Dim Result As String = "" Dim BT As Byte() = New Byte(Bytes.Length + (5 - (Bytes.Length Mod 5) - 1)) {} For I As Integer = 0 To Bytes.Length - 1 BT(I) = Bytes(I) Next For Group As Integer = 0 To BT.Length / 5 - 1 Result += Arr((BT((Group * 5)) And &HF4) >> 3) Result += Arr(((BT((Group * 5)) And &H3) << 2) Or ((BT((Group * 5) + 1) And &HC0) >> 6)) Result += Arr(((BT((Group * 5) + 1) And &H3E) >> 1)) Result += Arr(((BT((Group * 5) + 1) And &H1) << 4) Or ((BT((Group * 5) + 2) And &HF0) >> 4)) Result += Arr(((BT((Group * 5) + 2) And &HF) << 1) Or ((BT((Group * 5) + 3) And &H80) >> 7)) Result += Arr(((BT((Group * 5) + 3) And &H7C) >> 2)) Result += Arr(((BT((Group * 5) + 3) And &H3) << 3) Or ((BT((Group * 5) + 4) And &HE0) >> 5)) Result += Arr((BT((Group * 5) + 4) And &H1F) >> 0) Next Return Result.Substring(0, (Bytes.Length * 8 / 5)) End Function(Note: the only usable portion of the Arr is "0123456789bcdfhjkmnpqrtvxyDFGHJL", the rest is there for completeness.)
    I designed this pattern to avoid the chance for certain, offensive or obscene terms, and avoid characters that are visually similar, as I was generating Base64 from a direct Byte-Array. Now I generate it as a custom Base32 set so that I don't have those issues.

    Thanks,
    EBrown
  9. Like
    nanobot got a reaction from CA3LE in Wireless Ghz and Mouse Ghz Exactly same   
    Oh, also, a nice little chart to explain: http://www.ntia.doc.gov/files/ntia/publications/spectrum_wall_chart_aug2011.pdf

    And the FCC one: https://transition.fcc.gov/oet/spectrum/table/fcctable.pdf
  10. Like
    nanobot got a reaction from j7n in Wireless Ghz and Mouse Ghz Exactly same   
    http://gizmodo.com/5629814/giz-explains-why-everything-wireless-is-24ghz

    Thanks,
    EBrown
  11. Like
    nanobot got a reaction from CA3LE in Gigabit Network Speeds (Full Duplex)   
    Well with a switch between them, it got up to about 1.1Gbps, which is statistically irrelevant. Without the switch (crossover) it got up to 1.5Gbps.
    I think the bottleneck was HDD transfer speed.

    And I'm not at all surprised by my results - Full-Duplex should always be capable of this.

    Thanks,
    EBrown
  12. Like
    nanobot got a reaction from j7n in Gigabit Network Speeds (Full Duplex)   
    You guys will love this:

    I was farting around with my network just now, and I was testing my Gigabit throughput between my desktop and server, and I have some pretty good evidence of having achieved MORE than 1Gbps on the link. (Not in one direction - mind you.)

    The actual throughput (send + receive) was stable between 550Mbps (each) to 750Mbps (each). Essentially, I achieved up to 1.5Gbps total throughput.

    As is evident in the images, the speeds exceeded 1Gbps total. (And not just by a tiny bit - either.)

    Thanks,
    EBrown


  13. Like
    nanobot got a reaction from j7n in Wireless Ghz and Mouse Ghz Exactly same   
    http://gizmodo.com/5629814/giz-explains-why-everything-wireless-is-24ghz

    Thanks,
    EBrown
  14. Like
    nanobot got a reaction from j7n in Gigabit Network Speeds (Full Duplex)   
    You guys will love this:

    I was farting around with my network just now, and I was testing my Gigabit throughput between my desktop and server, and I have some pretty good evidence of having achieved MORE than 1Gbps on the link. (Not in one direction - mind you.)

    The actual throughput (send + receive) was stable between 550Mbps (each) to 750Mbps (each). Essentially, I achieved up to 1.5Gbps total throughput.

    As is evident in the images, the speeds exceeded 1Gbps total. (And not just by a tiny bit - either.)

    Thanks,
    EBrown


  15. Like
    nanobot got a reaction from j7n in Gigabit Network Speeds (Full Duplex)   
    You guys will love this:

    I was farting around with my network just now, and I was testing my Gigabit throughput between my desktop and server, and I have some pretty good evidence of having achieved MORE than 1Gbps on the link. (Not in one direction - mind you.)

    The actual throughput (send + receive) was stable between 550Mbps (each) to 750Mbps (each). Essentially, I achieved up to 1.5Gbps total throughput.

    As is evident in the images, the speeds exceeded 1Gbps total. (And not just by a tiny bit - either.)

    Thanks,
    EBrown


  16. Like
    nanobot got a reaction from CA3LE in Command line Speedtest?   
    Unfortunately PowerShell does not display transfer speed, which is why you use WGET on a *Nix platform to determine it.

    Thanks,
    EBrown
  17. Like
    nanobot got a reaction from CA3LE in Odd Result for 'My City'   
    Unfortunately, Geo-Location by IP address is not an exact science - or a science at all, really. 
    (Click the spoiler for the boring comparison part)




    An IP Address is exactly like a Phone Number, given my IP 10.0.0.5, my physical neighbour is NOT guaranteed to have IP Address 10.0.0.4, nor 10.0.0.6. So how do we find out where you are located by it? We attempt to determine where the home-network for that IP claims it is "physically located." We use WHOIS API's (ARIN, RIPE NCC, AFRINIC, APNIC, LACNIC) to determine what the "location" of the IP address is.

    To give you an example, my IP Address is in the following block: 68.37.128.0 - 68.37.255.255. Testmy.net thinks my IP Address is from Jersey City, NJ. I will tell you for a fact, I do not live in Jersey. I live in the Detroit Metro Area, Michigan. Unfortunately, ARIN does not realize that COMCAST gave me an IP Address that is from New Jersey, so Testmy.net thinks I am currently in New Jersey.

    This issue is by design, the IPv4/IPv6 protocols were never designed to allow geo-locating a user to any degree of certainty. They were always designed to allow anonymity.

    That being said, there are ways to more accurately pinpoint a users location. If I do a tracert to Testmy.net, I find that my data goes from 10.0.0.1 (my gateway) to *.hsd1.mi.comcast.net, allowing me to surmise that I am SOMEWHERE in Michigan.

    As the tracert continues, my data goes through several more nodes, to the node just before TMN: *.dal05.networklayer.com, which gives me the impression that Testmy.net is located in or near Dallas, TX. (It is in fact in Dallas, we should all know this for fact.)

    So, as for why you are 2000% above your city average today, but maybe not tomorrow: when you reset your modem, if your ISP gives you a new IP address, it may show you as being in another city. Regardless if you are or not. I implore you to click "my city average" and compare what city it lists to what city you actually live in. If you look at this list (https://testmy.net/city/jersey_city_nj -> Member Rank) you will see myself (nanobot) at the top of the list for Jersey City, NJ. Unfortunately, I got my gas bill this week: right-proper addressed to E. Brown, New Baltimore, MI.

    And believe when I say, this is not a TMN issue, this is intentional. If you use any proxy servers you can even more-so assuredly bet that your city will be even more wrong.

    Thanks,
    EBrown
  18. Like
    nanobot got a reaction from CA3LE in why the disparity between IE and Firefox?   
    Have you run TCP Optimizer? I had the same issue when I switched network providers and my IE speeds were horrible but my Chrome speeds were fairly good.

    Thanks,
    EBrown
  19. Like
    nanobot got a reaction from Georgeen in Post your speed and how much you pay monthly   
    Where are you at? We used to have Hughes Net at my dad's place but we ditched it because another ISP had recently shown up. (We didn't get out of the contract, but we did get service with the new ISP.)

    I'd check that there aren't any small, local providers first. If there are, look into getting one of them and then start with the BBB about Hughes.

    And check if you get 3G/4G in your area. I think Tommie Gorman uses EVDO for his internet, and he seems satisfied with it.

    Thanks,
    EBrown
  20. Like
    nanobot got a reaction from shark91962 in Don't yell at me - Speedtest.net comparison   
    The difference of the two you say?

    Speedtest.net uses a pure flash-based approach, and drops the top and bottom 5% of your tested speed. Why? Because the first instant of testing is typically slower due to the requirement to establish a connection. Then there's often a sudden burst which is typically irrelevant to your speed. Speedtest.net is more useful for a total-throughput test. It's often handy for gamers to test what the typical speed of their connection is. (After all, they are using UDP mostly which is connectionless, so there is no establishment of a connection.)

    Testmy.net uses a pure HTTP based approach, and does not remove any data. Why? Because almost all of the typical users network traffic is over HTTP, which requires the establishment of a connection. (Downloads, webpages, style-sheets, images, etc.) Testmy.net is much more relevant to testing your total connection throughput. Basically giving you a true establishment of how websites should download.

    Thanks,
    EBrown
  21. Like
    nanobot got a reaction from CA3LE in Database Member Rank   
    It's listed by username, not display name. So whatever you use to login is what would be there.

    Thanks,
    EBrown
  22. Like
    nanobot got a reaction from mudmanc4 in 'Safe' browsers for windows   
    Well it really gets you when you visit pages that have 2/3 of the browser view covered in ads.

    I have never once used advertising on any of my sites. (And with them being so small, it wouldn't benefit me anyway.)

    I don't ever browse to unknown or untrusted sites on servers and such that I run. I think the only site outside my own that I view from my servers is TMN, oddly enough.

    Thanks,
    EBrown
  23. Like
    nanobot got a reaction from mudmanc4 in 'Safe' browsers for windows   
    Well it really gets you when you visit pages that have 2/3 of the browser view covered in ads.

    I have never once used advertising on any of my sites. (And with them being so small, it wouldn't benefit me anyway.)

    I don't ever browse to unknown or untrusted sites on servers and such that I run. I think the only site outside my own that I view from my servers is TMN, oddly enough.

    Thanks,
    EBrown
  24. Like
    nanobot got a reaction from stefzenon in Hello users   
    I've always used the Dallas server. (And I don't use multi-threaded either. ) Yeah, the D.C. server is probably closer to me, but I prefer having the large route. Gives me a better overall figure that way.

    Thanks,
    EBrown
  25. Like
    nanobot got a reaction from stefzenon in Hello users   
    I've always used the Dallas server. (And I don't use multi-threaded either. ) Yeah, the D.C. server is probably closer to me, but I prefer having the large route. Gives me a better overall figure that way.

    Thanks,
    EBrown
×
Speed Test Version 15.9
© 2019 TestMy Net LLC - TestMy.net - Terms & Privacy