Insecure VPN?

Today I was reading that 90% of All SSL VPNs are Insecure.

• 77% of the SSL VPNs still use the insecure SSLv3 or the even less secure SSLv2
• 76% use an untrusted SSL certificate
• 74% have an insecure SHA-1 signature
• 41% use an insecure key length of 1024 for RSA certificates
• 10% rely on versions of SSL that are still vulnerable to the  Heartbleed attack

If you want to test if your VPN supports SS3, just run the following:

 openssl s_client -connect <server>:<port> -ssl3

If the connection succeeds, sslv3 is enabled. If it fails, it is disabled.

HTH
Brent