Nmap Development mailing list archives
Re: ssl-enum-cyphers Vs weak cyphers
From: Gabriel Lawrence <gabriel.lawrence () gmail com>
Date: Fri, 13 May 2011 10:04:51 -0700
The patch I sent in this week could be used to do this as well. It compares the ciphers that get splatted out with a list of "good" ciphers per your definition. It lets you know if the server offers any that are not on the good list. The message describing this is here: http://seclists.org/nmap-dev/2011/q2/536 Gabe On Fri, May 13, 2011 at 9:52 AM, Mak Kolybabi <mak () kolybabi com> wrote:
On 2011-05-13 17:45, Brahim Sakka wrote:But how can I tell which ones are actually weak? Would be nice if this gets implemented in the script.There's no way to tell at the moment. It would require adding additional information to the list of ciphers to make work. I'll look into it. -- Mak Kolybabi <mak () kolybabi com> () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- ssl-enum-cyphers Vs weak cyphers Brahim Sakka (May 13)
- Re: ssl-enum-cyphers Vs weak cyphers Mak Kolybabi (May 13)
- Re: ssl-enum-cyphers Vs weak cyphers Gabriel Lawrence (May 13)
- Re: ssl-enum-cyphers Vs weak cyphers Brahim Sakka (May 14)
- Re: ssl-enum-cyphers Vs weak cyphers Gabriel Lawrence (May 13)
- Re: ssl-enum-cyphers Vs weak cyphers Mak Kolybabi (May 13)