Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Disable SNI extension
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 1 Jul 2014 07:13:51 -0500

On Fri, Jun 27, 2014 at 3:31 PM, Sheharbano Khattak <
Sheharbano.Khattak () cl cam ac uk> wrote:


For some of my TLS tests, I'd like to see how the server behaves
when client hello carries no info. about the host. Is there an option
to disable SNI extension?

Best wishes,


Nmap uses SSL in several different phases of its scanning. Where did you
want to disable the SNI extension? In most cases, this will involve
modifying Nmap and recompiling, but a few of our NSE scripts
(ssl-enum-ciphers, ssl-heartbleed, etc.) do SSL/TLS handshaking directly,
so modifying those would simply involve editing the Lua script code.

Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]