Nmap Development mailing list archives
Re: Proposed SSL version detection probe changes
From: Kristof Boeynaems <kristof.boeynaems () gmail com>
Date: Sat, 21 Feb 2009 20:39:11 +0100
Kristof Boeynaems wrote:
Brandon Enright wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 17 Feb 2009 22:02:19 +0000 Brandon Enright <bmenrigh () ucsd edu> wrote:I was surveying 443, 465, 636, 990, 993 and 995. If I get a moment to breath today I'll do a survey of those ports across campus and report the number of non-v2 services.<snip>You can use the attached custom nmap-services-probe file that I created yesterday for this distinction, or simply detect the Nsock failures.
I did a more extensive survey (about 1000 SSL serving hosts), using the ports you suggested (and the version probe file I submitted earlier), and this time I found 7 non-SSL2-compatible services on 4 unique hosts:
995/tcp open tlsv1-only 443/tcp open tlsv1-only 993/tcp open sslv3-only 995/tcp open sslv3-only 465/tcp open sslv3-only 993/tcp open sslv3-only 995/tcp open sslv3-onlyThat's out of 1885 total open services detected. In other words, about 0.4% of the services found are non-SSLv2 compatible, and such services were found on 0.4% of the hosts.
Cheers, Kristof _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: Proposed SSL version detection probe changes, (continued)
- Re: Proposed SSL version detection probe changes Brandon Enright (Feb 09)
- Re: Proposed SSL version detection probe changes Kristof Boeynaems (Feb 10)
- Re: Proposed SSL version detection probe changes Fyodor (Feb 16)
- Re: Proposed SSL version detection probe changes Fyodor (Feb 16)
- Re: Proposed SSL version detection probe changes Brandon Enright (Feb 17)
- Re: Proposed SSL version detection probe changes Kristof Boeynaems (Feb 17)
- Re: Proposed SSL version detection probe changes Kristof Boeynaems (Feb 17)
- Re: Proposed SSL version detection probe changes Brandon Enright (Feb 17)
- Re: Proposed SSL version detection probe changes Brandon Enright (Feb 17)
- Re: Proposed SSL version detection probe changes Kristof Boeynaems (Feb 18)
- Re: Proposed SSL version detection probe changes Kristof Boeynaems (Feb 21)
- Re: Proposed SSL version detection probe changes Kristof Boeynaems (Mar 21)