× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 2015

RE: SSL usage reporting


TRCINT TRCTYPE(*SCKSSL)
CPYSPLF QPCSMPRT to 136 PF.
RPGLE pgm reading 136 PF, creating SSL DB PF.
WRKQRY, sorted, counted, control break, summary only.

Below is a sample (7 days) , counts showing SSLVER, Cipher, remote IP.

1) I'd like to get the IP host name either in the SSL db or on the report
Not sure of all my options for this.
NSLOOKUP, DIG, ???

2) I'm not sure the TRCINT TRCTYPE(*SCKSSL) was 100%.
I still checking the results, but I think Java related SSL apps were omitted.

03/25/15 21:25:55 SSL log PAGE 1
SSLVER CIPHER RIP
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA ::ffff:10.x.x.x
COUNT 1,887
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA ::ffff:10.x.x.x
COUNT 3,936
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA ::ffff:10.x.x.x
COUNT 15
TLSV1.0 TLS_RSA_WITH_RC4_128_SHA 10.x.x.x
COUNT 15,512
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA 10.x.x.x
COUNT 127
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA 10.x.x.x
COUNT 13
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA 10.x.x.x
COUNT 518
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA 10.x.x.x
COUNT 650
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA 184.x.x.x
COUNT 984
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA 184.x.x.x
COUNT 1,000
TLSV1.0 TLS_RSA_WITH_AES_256_CBC_SHA 216.x.x.x
COUNT 36
TLSV1.0 TLS_RSA_WITH_AES_128_CBC_SHA 23.x.x.x
COUNT 8
FINAL TOTALS
COUNT 24,686
* * * E N D O F R E P O R T * * *

Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steinmetz, Paul
Sent: Wednesday, March 25, 2015 9:37 AM
To: 'Midrange Systems Technical Discussion'
Subject: SSL usage reporting

Is there a utility or reporting tool that will show all SSL usage?
If not, I'm planning on utilizing the QPCSMPRT spool file output from TRCINT TRCTYPE(*SCKSSL) , and creating a SSL usage report.
I don't want to re-invent the wheel, as this will take some work, PF and RPGLE pgm.

How to determine the SSL protocol and cipher suite used for each System SSL connection to the IBM i
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020594

TDE# 0000000004D1
CONNECTION PROPERTIES
TLSV1.0
TLS_RSA_WITH_RC4_128_SHA
LOCAL PORT
33065
LOCAL IP ADDRESS
X.X.X.X
REMOTE PORT
8443
REMOTE IP ADDRESS
X.X.X.X
QPADEV000KCPAMOBIL 181991
TDE# 0000000004D1

Thank You
_____
Paul Steinmetz
IBM i Systems Administrator

Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071

610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home

psteinmetz@xxxxxxxxxx
http://www.pencor.com/

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.