Nmap Development mailing list archives
Re: [NSE] HUGE ssl-enum-ciphers speed improvement
From: Matt Selsky <selsky () columbia edu>
Date: Thu, 12 Jul 2012 18:09:59 -0400
On Thu, Jul 12, 2012 at 5:37 PM, Daniel Miller <bonsaiviking () gmail com> wrote:
I've found a way to vastly improve the speed and efficiency of the ssl-enum-ciphers by letting the server choose ciphers instead of trying every single one. First, the numbers, based on a scan of nmap.org, port 443. Before: 858 Client Hello messages, 9.56s NSE time. After: 24 Client Hello messages, 3.07s NSE time.
I get the similar times with and without the patch. Though with the patch, the script now detects that the server supports compression. Unpatched: Completed NSE at 18:07, 1.81s elapsed Patched: Completed NSE at 18:07, 1.77s elapsed Cheers, Matt _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Matt Selsky (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Kris Katterjohn (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement David Fifield (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 12)
- Message not available
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 13)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 13)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement David Fifield (Jul 13)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 13)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Matt Selsky (Jul 15)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Matt Selsky (Jul 12)