I preformed an APR spoof between my ps3 and my network gateway during the PS3 boot sequence, during which the following IP addresses are resolved and tcp connections are made from the playstation
1. 184.108.40.206:443 : service.playstation.net
2. 220.127.116.11:443 : nsx.sec.np.dl.playstation.net
3. 18.104.22.168:443 : auth.np.ac.playstation.net
If you enter any of the IP address into your browse e.g.
You will get an SSL error, this error tells me that the cert is self signed by sony themselves which means the certs haven't been signed by companies like verisign.
The next step was to identify which versions SSL these servers supported.
It was during this process the web-services where identified as Apache and AkamaiGHost.
SSLv2 is also being accepted on these servers supporting the following ciphers
SSL2 DES 192 EDE3 CBC WITH MD5
SSL2 IDEA 128 CBC WITH MD5
SSL2 RC2 CBC 128 CBC WITH MD5
SSL2 RC4 128 WITH MD5
SSL2 DES 64 CBC WITH MD5
SSL2 RC4 128 EXPORT40 WITH MD5
My investigation continues.....
All help most welcome