Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

ssl-enum-ciphers rc4

From: "Secure-Mail User" <felixxx () secure-mail biz>
Date: Sun, 14 Dec 2014 16:00:36 +0100
Hi,

the script ssl-enum ciphers declares (some) ciphers with use rc4 as strong, also in the latest version.

TLS_RSA_WITH_RC4_128_SHA - strong
TLS_ECDHE_RSA_WITH_RC4_128_SHA - strong

Regarding to [1], the scoring is from 2012 and based on SSL Labs' scoring system. RC4 is broken and SSL Labs declares 
those ciphers as weak. The scoring system for ssl-enum-ciphers should be updated.

Kindly,

Felix

[1] http://seclists.org/nmap-dev/2014/q4/153




______________________________________________________
powered by Perfect-Privacy.com / Secure-Mail.biz - anonymous and secure internet.

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: