SSL research

Last week I wrote a script to check the SSL certificate of a HTTPS webserver.
For the last week, I've been scanning the internet to see how serious people are about the validity of SSL certificates.


I've scanned 502638 hosts on port 443 in total.
There were 332075 unique IP's, which makes me wonder how good the random number generator of bash actually is ...

From all that, I determined the following:


IP ClassAmount
0.0.0.0/81406
10.0.0.0/81311
127.0.0.0/81505
172.16.0.0/1276
192.168.0.0/165
224.0.0.0/427679
240.0.0.0/420442
real internet279660









ClassAmount
Valid232
Invalid83
Not SSL307
Connection closed4990
Unreachable274048


This is very poor ;)
Maybe I should find a list of working HTTPS ports before I try scanning again. Just poking around in the dark is of no use.

About 74% of the working HTTPS hosts has a working SSL certificate. That means it didn't expire...
I suppose that's not too bad.

What I'm more interested in, is what those 307 hosts are running on the HTTPS port, that doesn't provide an SSL certificate.

Let's look at the certificates themselves now.













CertificateAmount
www.snakeoil.dom12
HP JetDirect12
Fortinet2
127.0.0.1, 1.1.1.1, 192.168.x.y7
Vigor Router3
localhost34
firewall.domain.example1
WRT54G2
IOS-Self-Signed-Certificate...1
SpeedTouch2


There are some interesting devices there. Some printers, some firewalls...
Internet is such an interesting place, wouldn't you agree ?