Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: ssl-enum-cyphers Vs weak cyphers
From: Brahim Sakka <brahim.sakka () gmail com>
Date: Sat, 14 May 2011 15:01:09 +0100

Excellent! I know Nessus does it but I *really* prefer Nmap,

Thanks Gabriel & Mak,

2011/5/13, Gabriel Lawrence <gabriel.lawrence () gmail com>:
The patch I sent in this week could be used to do this as well. It compares
the ciphers that get splatted out with a list of "good" ciphers per your
definition. It lets you know if the server offers any that are not on the
good list.

The message describing this is here:
http://seclists.org/nmap-dev/2011/q2/536

Gabe

On Fri, May 13, 2011 at 9:52 AM, Mak Kolybabi <mak () kolybabi com> wrote:

On 2011-05-13 17:45, Brahim Sakka wrote:
But how can I tell which ones are actually weak? Would be nice if this
gets implemented in the script.

There's no way to tell at the moment. It would require adding additional
information to the list of ciphers to make work. I'll look into it.

--
Mak Kolybabi
<mak () kolybabi com>

() ASCII Ribbon Campaign | Against HTML e-mail
/\  www.asciiribbon.org  | Against proprietary extensions

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]