In today’s digital landscape, the lifespan of SSL certificates is constantly evolving and getting trickier, and questions about data and server locations are more prevalent than ever. Are servers hosted on Amazon, Azure, Onprem? Are they located in the EU or the US or somewhere else?
These uncertainties inspired me to create a tool that simplifies and consolidates essential information for IT systems owners.
Introducing the SSL and Domain Documentation Scanner
This innovative tool gathers crucial details about hostnames, their resolutions, actual locations (especially useful for web forwards), and a few interesting open ports along with their banners (FTP, SSH, etc.). The scanner is designed to provide a comprehensive overview without overwhelming the user.
Key Features
Hostname Resolution: Understand what hostnames resolve to, providing clarity on server locations and configurations.
Actual Location: Determine where servers are physically located, which is vital for compliance and data sovereignty.
Open Ports and Banners: Identify open ports and their responses, offering insights into potential vulnerabilities and services running on the server.
Usage Restrictions
To prevent misuse, the scanner is limited to testing one Fully Qualified Domain Name (FQDN) at a time. Additionally, copying functionality is disabled, and no emails are sent. The information is available only on the screen, ensuring controlled access.
When I get around it, I will also disable scanning / documenting of major sites such as Facebook etc )
I do have a few other versions also in the works with the ability to upload text files with lots of FQDNS (a compay can have lots of those like www.example.com, blog.example.se, mail.example.com etc) and alos having the final reports just emailed with a download link.
Example Query: app.rcloud.se
Interesting here is for instance that if you were to only ping app.rcloud.se you would think that it’s actually hosted in Denmark (DK) but it’s not, it’s just a webforward really that point to s server in Sweden. (Hence the report saying “Queried host” and then “Final host” since these do not necessarly have to be the same thing.
This tool is a step towards simplifying the complex world of SSL certificates and domain documentation, making it easier for IT systems owners to manage their infrastructure effectively.
Feel free to share your thoughts (just contact me ).
