mailing list archives
RE: [NSE] modified ssl-enum-ciphers to indicate policy compliance
From: Gabriel Lawrence <gabriel.lawrence () gmail com>
Date: Wed, 11 May 2011 16:45:56 -0700
Thanks. I decided to join the mail list so I'd see these things from now on.
I finally got a chance to make the changes recommended below. Attached are
the new files. Let me know if you think anything else should be tweaked or
if these are good to go!
PS: I don’t really consider my neckbeard to be awesome enough to make
recommendations for the world on what reasonable ciphers should be on their
default list. I took a wag at it anyway, so some review of that list
wouldn’t be a bad idea. I don’t think I included anything bad, but I may
have omitted something good.
From: David Fifield [mailto:david () bamsoftware com]
Sent: Tuesday, April 19, 2011 10:26 AM
To: Lawrence, Gabe
Cc: nmap-dev () insecure org
Subject: Re: [NSE] modified ssl-enum-ciphers to indicate policy compliance
Hi Gabe. Nice job on these modifications. You might not have been Cced on a
couple of replies:
I think I agree with Ron: It would be nice if an external data file
classified ciphers into "strong" and "weak". We could add such a file to the
distribution and make the script read it by default. Then for audits like
yours, someone could just modify the file to match their own cipher
If you do this, please base your work on the latest version of the script,
which has some minor changes.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/