AnsweredAssumed Answered

Drown attack check finds another host then actually tested where sslv2 is enabled

Question asked by Thomas Stein on Mar 9, 2016
Latest reply on Mar 9, 2016 by Robert Dell'Immagine



I have to ask because i don't understand how QUALYS finds servers who uses the same key as the actually checked server. It's a nice feature but where came

the data from? Do they have a database of some kind where the crosscheck?


thanks and cheers