Nmap Development mailing list archives
[NSE][RFC] New cipher strength ratings for ssl-enum-ciphers
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 16 Jul 2012 14:00:37 -0500
List,As I was wrapping up work on ssl-enum-ciphers, I decided to add to the existing cipher strength rankings in nselib/data/ssl-ciphers. Previously, this file only contained ciphers ranked "strong." I added cipher suites that could be classified as "weak" (based on export-grade crypto), "no_authentication" (aNULL or Anonymous DH), "no_encryption" (eNULL), and various combinations of these. I also spent a little time cleaning up the ranking code, but no functional changes there.
I'm attaching the patch for this change, so any feedback would be helpful, especially additional ciphers to consider "strong," since many were added since the original list was put together. Thanks!
Dan
Attachment:
ssl-ciphers.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 16)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Patrik Karlsson (Jul 16)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers David Fifield (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers David Fifield (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 18)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Daniel Miller (Jul 17)
- Re: [NSE][RFC] New cipher strength ratings for ssl-enum-ciphers Patrik Karlsson (Jul 16)