RE: NMap Behavior Differences (HTTPS + Ubuntu 10.04LTS & Ubuntu 12.04LTS)
From: "Nmap User1" <nmapuser1 () gmail com>
Date: Fri, 6 Sep 2013 16:30:16 -0400
I've done some additional testing on the HTTPS/SSL timeout issue (all with
Ubuntu 10.04 LTS: No NSE HTTPS/SSL timeout issue.
Debian 6.0.7: No NSE HTTPS/SSL timeout issue.
Gentoo (k3.8.13): No NSE HTTPS/SSL timeout issue.
Fedora 19: No NSE HTTPS/SSL timeout issue.
Windows 7: No NSE HTTPS/SSL timeout issue.
Ubuntu 12.04 LTS: Yes, the NSE HTTPS/SSL timeout issue is exhibited.
Debian 7.1.0: Yes, the NSE HTTPS/SSL timeout issue is exhibited.
Kali Linux: Yes, the NSE HTTPS/SSL timeout issue is exhibited.
*Randomly selected hosts (from Google): www.bwin.com, home.eease.com, &
*Nmap command: nmap -v -sS -Pn -p 443 --script=ssl-cert <host>
I've been encountering this timeout issue on nearly every client engagement
since I've switched to Ubuntu 12.04 (affects around 5% of all HTTPS
services). I suspect many others are experiencing the same issue; however,
as the timeout issue isn't obvious in the results, it's likely to be
So what component in the identified current Debian-based distros is causing
nmap to demonstrate this behavior? The nmap debug logs did not appear
overly helpful in this case.
From: Henri Doreau [mailto:henri.doreau () gmail com]
Sent: Thursday, September 05, 2013 2:51 PM
To: Daniel Miller
Cc: Nmap User1; Nmap-dev
Subject: Re: NMap Behavior Differences (HTTPS + Ubuntu 10.04LTS & Ubuntu
2013/9/5 Daniel Miller <bonsaiviking () gmail com>:
> I can replicate the behavior on Ubuntu 12.04 against www.itslearning.com.
> I've created pastes with debugging output from 2 versions of Nmap:
> * http://pastebin.com/HqFCcYai - Nmap 6.41SVN with -d4
> * http://pastebin.com/bCfdqFh3 - Nmap 6.02 with -d3
> I also ran a scan without the NSE script immediately followed by
> openssl s_client, which was able to connect with no timeout.

That looks interesting... I can't reproduce, neither on recent Fedoras nor
on Debian 6.0.7. That could totally be an nsock issue but I see nothing
suspicious from the traces you posted. Do you? Could you maybe retry with
-d9, to also have the full debug log messages? A pcap dump would be helpful.
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
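
An added example (not from the thread or from the Nmap project): because the message above notes that the timeout is not obvious in scan results, this script reads Nmap XML output (`-oX`) and lists hosts where 443/tcp is open but `ssl-cert` returned nothing. It assumes the timeout shows up as missing script output; the function name, sample XML and host names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX` output (not taken from the thread).
# Two hosts have 443/tcp open; only the first carries ssl-cert output.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <hostnames><hostname name="ok.example.test" type="user"/></hostnames>
    <ports><port protocol="tcp" portid="443">
      <state state="open" reason="syn-ack"/>
      <script id="ssl-cert" output="Subject: commonName=ok.example.test"/>
    </port></ports>
  </host>
  <host>
    <address addr="192.0.2.11" addrtype="ipv4"/>
    <hostnames><hostname name="silent.example.test" type="user"/></hostnames>
    <ports><port protocol="tcp" portid="443">
      <state state="open" reason="syn-ack"/>
    </port></ports>
  </host>
  <host>
    <address addr="192.0.2.12" addrtype="ipv4"/>
    <ports><port protocol="tcp" portid="443">
      <state state="closed" reason="reset"/>
    </port></ports>
  </host>
</nmaprun>"""


def missing_script_results(xml_text, script_id="ssl-cert", port="443"):
    """Return (address, hostname) pairs where `port` is open but the
    named NSE script produced no output for it."""
    missing = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address")
        name_el = host.find("hostnames/hostname")
        addr = addr_el.get("addr") if addr_el is not None else "?"
        name = name_el.get("name") if name_el is not None else ""
        for p in host.iterfind("ports/port"):
            state = p.find("state")
            if p.get("portid") != port or state is None or state.get("state") != "open":
                continue  # only open instances of the port are of interest
            outputs = [s.get("output", "").strip()
                       for s in p.findall("script") if s.get("id") == script_id]
            if not any(outputs):  # absent or empty output: treat as silent failure
                missing.append((addr, name))
    return missing


if __name__ == "__main__":
    for addr, name in missing_script_results(SAMPLE_XML):
        print(f"{addr} ({name}): 443/tcp open, no ssl-cert output; re-check manually")
```

Hosts it reports can be re-checked by hand, for example with `openssl s_client` as in the quoted message.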