How to determine if there is any SSL v2, SSL v3, TLS 1.0 or TLS 1.2 connections to the server?

How to determine if there is any SSL v2, SSL v3, TLS 1.0 or TLS 1.2 connections to the server?

Environment: Windows 2008 R2, IIS, ASP.Net Website
I'm preparing to disable SSL v2,SSL v3 in my server.
How can I check whether my server receiving any connections via SSL v2 or SSL v3 ? (inorder to ensure no one is affected)
Is there any logs in server ? (To Determine the connections was via SSL v2, SSL v3, TLS 1.0 or TLS 1.2)

Solutions/Answers:

Answer 1:

Use a sniffing tool (e.g. Wireshark) to inspect the traffic to your server. Run Wireshark on the server itself and select the interface on which requests are incoming. Consequently, filter SSL traffic and check the IP sources to find out whether or not these are legitimate request (difficult when its publicly facing though).

Although I’m not sure who your target audience is and the nature of the data on/transmitted from and to your site, I would probably not keep the server vulnerable for those folks who refuse to update their browsers. However, that’s a personal decision of yours to make.

Answer 2:

Too bad you’re not using PHP – if you were, you could just examine the $_SERVER[‘SSL_PROTOCOL’] environment variable.

But, since your using ASP.Net, you may have to resort to one of these methods: https://stackoverflow.com/questions/25009018/check-ssl-protocol-cipher-other-properties-in-an-asp-net-mvc-4-application

Answer 3:

If your server is public, you could use one of the online SSL/TLS server test tools (e.g. https://www.ssllabs.com/ssltest/)

Our Awesome Free Tools

References