Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ssl-enum-cyphers Vs weak cyphers

From: Gabriel Lawrence <gabriel.lawrence () gmail com>
Date: Fri, 13 May 2011 10:04:51 -0700
The patch I sent in this week could be used to do this as well. It compares
the ciphers that get splatted out with a list of "good" ciphers per your
definition. It lets you know if the server offers any that are not on the
good list.

The message describing this is here:
http://seclists.org/nmap-dev/2011/q2/536

Gabe

On Fri, May 13, 2011 at 9:52 AM, Mak Kolybabi <mak () kolybabi com> wrote:


On 2011-05-13 17:45, Brahim Sakka wrote:

But how can I tell which ones are actually weak? Would be nice if this
gets implemented in the script.


There's no way to tell at the moment. It would require adding additional
information to the list of ciphers to make work. I'll look into it.

--
Mak Kolybabi
<mak () kolybabi com>

() ASCII Ribbon Campaign | Against HTML e-mail
/\  www.asciiribbon.org  | Against proprietary extensions

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: