Nmap Development mailing list archives
Re: Fwd: Re: NSE: Need advice on pulling SSL cert used for TLS connection over SMTP port 25
From: David Fifield <david () bamsoftware com>
Date: Sun, 11 Oct 2009 18:23:14 -0600
On Sun, Oct 11, 2009 at 08:21:24AM -0500, Tom Sellers wrote:
I have tested this script further with more targets and from both Windows and Linux. Could it be reviewed for inclusion? Both the patch and full file are attached.
I would like the SMTP-specific code to be factored out into a separate function. Especially as I can see this same mechanism being used to handle HTTPS over port 80 using the Upgrade header field.
-local LIKELY_SSL_PORTS = { 443, 465, 989, 990, 992, 993, 994, 995, 587, 8443 } +local LIKELY_SSL_PORTS = { 25, 443, 465, 587, 989, 990, 992, 993, 994, 995, 587, 8443 }
I think this is misleading to put ports 25 and 587 in a table called LIKELY_SSL_PORTS. Maybe you can break them into a separate table called OTHER_PORTS or something. The idea being that if the port is in LIKELY_SSL_PORTS, or if the service_tunnel is "ssl", you immediately try an SSL connection. If it's in OTHER_PORTS, there would have to exist some protocol-specific handling like STARTTLS. The portrule would be modified to run if the port number is in either port table. I think the script is fine to go in as it is, and you can make these changes under revision control. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Fwd: Re: NSE: Need advice on pulling SSL cert used for TLS connection over SMTP port 25 Tom Sellers (Oct 11)
- Re: Fwd: Re: NSE: Need advice on pulling SSL cert used for TLS connection over SMTP port 25 David Fifield (Oct 11)