Nmap Development: RE: Nmap 4.23RC3 & SSL Tunnels

RE: Nmap 4.23RC3 & SSL Tunnels

From: Thomas Buchanan <TBuchanan_at_thecompassgrp.net>
Date: Thu, 6 Dec 2007 09:09:36 -0600

> -----Original Message-----
> From: nmap-dev-bounces_at_insecure.org
> [mailto:nmap-dev-bounces_at_insecure.org] On Behalf Of Lionel Cons
> Sent: Tuesday, December 04, 2007 5:24 AM
> To: Fyodor
> Cc: nmap-dev_at_insecure.org
> Subject: Re: Nmap 4.23RC3 & SSL Tunnels
>
> Fyodor writes:
> > Hi Lionel. Maybe your 4.23RC3 does not have OpenSSL compiled in,
> > while your 4.20 does.
>
> Ooops, indeed. I should not have blindly copied the spec file from the
> Nmap sources...
>
> However, what about having Nmap tell us that it lacks SSL support?
>
> Here is what Nessus gives me:
>
> $ /usr/sbin/nessusd -d
> This is Nessus 2.2.10 for Linux 2.4.21
> compiled with gcc version 3.2.3 20030502 (Red Hat Linux 3.2.3-59)
> Current setup :
> nasl : 2.2.10
> libnessus : 2.2.10
> SSL support : enabled
> SSL is used for client / server communication
> Running as euid : 1234
> Compiled with tcpwrappers support
>
> We could imagine that Nmap reports this kind of information somehow,
> e.g. via "nmap -V".

Perhaps something like the patch that I've attached? If Nmap is
compiled with OpenSSL support, it will report the version of the library
compiled against, as well as the version of the library the binary is
linked against. For builds where OpenSSL is not enabled, it notes that
as well.

> It should be part of the XML file too, of course.
>

I'm not sure where something like this would fit in the Nmap XML schema,
and I don't think it's worthwhile to insert it as a comment, as it's not
parseable that way. If you have any ideas, I could extend the patch to
support that.

Thomas

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Received on Dec 06 2007
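
The compile-time versus link-time report described in the message above, as an added example; it is not the attached patch and not Nmap's own code. The `HAVE_OPENSSL` build macro, the function name `ssl_build_info` and the output wording are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#ifdef HAVE_OPENSSL   /* assumed build macro, e.g. passed as -DHAVE_OPENSSL */
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
/* OpenSSL 1.1.0 renamed the runtime version call; support both names. */
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
#define RUNTIME_SSL_VERSION() OpenSSL_version(OPENSSL_VERSION)
#else
#define RUNTIME_SSL_VERSION() SSLeay_version(SSLEAY_VERSION)
#endif
#endif

/* Write a one-line SSL status into buf (hypothetical helper).
 * Returns  1 if OpenSSL is compiled in and header and library versions agree,
 *         -1 if OpenSSL is compiled in but the two versions differ,
 *          0 if the binary was built without OpenSSL. */
int ssl_build_info(char *buf, size_t len)
{
#ifdef HAVE_OPENSSL
    const char *built  = OPENSSL_VERSION_TEXT;   /* fixed by the headers at compile time */
    const char *linked = RUNTIME_SSL_VERSION();  /* reported by the library loaded at run time */
    snprintf(buf, len,
             "SSL support: enabled (compiled against \"%s\", linked with \"%s\")",
             built, linked);
    return strcmp(built, linked) == 0 ? 1 : -1;
#else
    snprintf(buf, len, "SSL support: not compiled in");
    return 0;
#endif
}

int main(void)
{
    char line[256];
    int rc = ssl_build_info(line, sizeof line);

    puts(line);
    if (rc < 0)
        puts("note: header and runtime OpenSSL versions differ");
    return 0;
}
```

Building with `-DHAVE_OPENSSL -lcrypto` exercises the enabled path; without the macro the program reports that SSL is not compiled in.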