Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: nmap

From: Tom Sellers <nmap () fadedcode net>
Date: Mon, 16 Nov 2015 18:11:12 -0600
Additionally, modern versions of Nmap include a script specifically for detecting SSL v2, sslv2.nse.

As a note, this will detect the availability of SSL v2 on the target even if you are scanning from machine where 
OpenSSL is compiled with SSL v2 disabled, as most modern versions are.

Reference:

https://nmap.org/nsedoc/scripts/sslv2.html

nmap -p 443 -v --script sslv2 $targetname

Tom

On 11/16/2015 5:38 PM, Daniel Miller wrote:

Hi, and thanks for reporting this. What version of Nmap are you using? The ssl-enum-ciphers script is a very popular 
one that has undergone a lot of changes, even recently. If you are not using the
version in 6.49BETA6, then you run the chance of missing things in odd circumstances.

If you are using a recent version, please include the output of the following command (adjust port number if 
necessary):

nmap -p443 -d2 --script ssl-enum-ciphers $targetname

Dan

On Mon, Nov 16, 2015 at 4:20 PM, Berman, Mitchell F. <mfb1 () cumc columbia edu <mailto:mfb1 () cumc columbia edu>> 
wrote:

    Hi nmap list--

    I noticed a thread from October that mentioned that ssl-enum-ciphers script does not detect SSLv2.

    I have a VMware appliance (SUSE Linux) that OpenSSL detects and connect to with cipher RC4-SHA using SSL3 or 
TLS1.1, but nmap does not find the RC4-SHA cipher using ssl-enum-ciphers.  (I'm in the
    process of hardening the VMware appliance.)

    Nmap finds only TLS1.0 ciphers (RC4-SHA is not included here) and no TLS1.1 or SSL3 ciphers.

    Should ssl-enum-ciphers be picking this up?

    It's curious, because on another Windows Server box with RC4 allowed (for testing), OpenSSL and nmap both find 
the RC4-SHA in SSL3 and TLS1.1.

    Not a firewall issue because nmap and openssl are loaded on the same workstation and going the same route.

    Regards,

    M Berman

     

    _______________________________________________
    Sent through the dev mailing list
    https://nmap.org/mailman/listinfo/dev
    Archived at http://seclists.org/nmap-dev/




_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/



_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: