Nmap Development mailing list archives
Re: sweet32 and ssl-enum-ciphers question
From: Daniel Calvo Castro <rayimaster () gmail com>
Date: Mon, 30 Jan 2017 20:27:46 +0100
Hi, You said about an existing RDP port open for outgoing connections, so the sweet32 is about RDP port, usually 3389, not 443 (although could be affected too). Check against RDP tcp port, for Windows 7 there is an update that lets you fix this issue. Kind Regards 2017-01-30 20:12 GMT+01:00 ToddAndMargo <ToddAndMargo () zoho com>:
Hi All, I have a customer that got tagged with sweet32 on his PCI (credit card security) external scan. He is using RDP on a couple of his workstations so he can log in from home and I do believe the issue is that he hasn't done his Windows 7 updates in about two years. I will fix. Anyway, I am on nmap 7.40. Reading over at: https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html It shows a bunch of this stuff: Example Usage nmap --script ssl-enum-ciphers -p 443 <host> Script Output PORT STATE SERVICE REASON 443/tcp open https syn-ack | ssl-enum-ciphers: | TLSv1.0: | ciphers: | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A and on and so forth My intention is to use NMap to identify the sweet32 vulnerability and to then use NMap again to verify I have solved the issue. I am specifically looking for the "3DES" entry associated with sweet32. When I run this probe, I do not get any of the this stuff. I do get stuff back, but not the list with all the ciphers. This is what I ran: nmap -p xxxx,yyyy -v --script ssl-enum-ciphers www.xxx.yyy.zzz Am I missing something here? Many thanks, -T -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Computers are like air conditioners. They malfunction when you open windows ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- sweet32 and ssl-enum-ciphers question ToddAndMargo (Jan 30)
- Re: sweet32 and ssl-enum-ciphers question Daniel Calvo Castro (Jan 30)
- Re: sweet32 and ssl-enum-ciphers question ToddAndMargo (Jan 30)
- Re: sweet32 and ssl-enum-ciphers question ToddAndMargo (Jan 30)
- Re: sweet32 and ssl-enum-ciphers question ToddAndMargo (Jan 30)
- Re: sweet32 and ssl-enum-ciphers question Daniel Miller (Jan 31)
- Re: sweet32 and ssl-enum-ciphers question ToddAndMargo (Jan 31)
- Re: sweet32 and ssl-enum-ciphers question ToddAndMargo (Jan 30)
- Re: sweet32 and ssl-enum-ciphers question Daniel Calvo Castro (Jan 30)