Nmap Development mailing list archives

nmap

From: "Berman, Mitchell F." <mfb1 () cumc columbia edu>
Date: Mon, 16 Nov 2015 22:20:42 +0000

Hi nmap list--

I noticed a thread from October that mentioned that ssl-enum-ciphers script does not detect SSLv2.

I have a VMware appliance (SUSE Linux) that OpenSSL detects and connect to with cipher RC4-SHA using SSL3 or TLS1.1, 
but nmap does not find the RC4-SHA cipher using ssl-enum-ciphers.  (I'm in the process of hardening the VMware 
appliance.)

Nmap finds only TLS1.0 ciphers (RC4-SHA is not included here) and no TLS1.1 or SSL3 ciphers.

Should ssl-enum-ciphers be picking this up?

It's curious, because on another Windows Server box with RC4 allowed (for testing), OpenSSL and nmap both find the 
RC4-SHA in SSL3 and TLS1.1.

Not a firewall issue because nmap and openssl are loaded on the same workstation and going the same route.

Regards,

M Berman

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

nmap Berman, Mitchell F. (Nov 16)
- Re: nmap Daniel Miller (Nov 16)
  - Re: nmap Tom Sellers (Nov 16)
  - Re: nmap Berman, Mitchell F. (Nov 16)