Nmap Development mailing list archives
Re: [PATCH] Extended SSL support in Nmap, review
From: David Fifield <david () bamsoftware com>
Date: Tue, 31 Mar 2009 10:30:45 -0600
On Tue, Mar 31, 2009 at 01:09:47PM +0200, Kristof Boeynaems wrote:
You are right though, that this line is identical to the Nessus match line. In an earlier patch (see http://seclists.org/nmap-dev/2009/q1/0357.html), I commented out the lines that were "too generic" (in my opinion), but I did not do that in this patch, as I wanted to interfere as little as possible with existing match lines. I copied these other "too generic" match lines again below for your information: #Too generic#match ssl m|^\x16\x03\0\0J\x02\0\0F\x03\0| p/OpenSSL/ #Too generic#match ssl m|^\x16\x03\0..\x02\0\0F\x03\0|s p/Microsoft IIS SSL/ o/Windows/ #Too generic#match ssl m|^\x16\x03\0\0\*\x02\0\0&\x03\0| #Too generic#match ssl m|^\x16\x03\x01\0J\x02\0\0F\x03\x01| p/Nessus security scanner/ Compare this too the new generic SSLv3 ServerHello match line: match ssl m|^\x16\x03\0..\x02...\x03\0| p/SSLv3/
I integrated the patch, thanks! I calculated a 13% increase in the number of SSL ports found from your test results, which is a nice improvement. I left in a few of the specific match lines (the OpenSSL one and the IIS one), on the off chance that the values returned really are specific to those implementations. In any case it matters little, because normally the SSL scan-through will begin after that and forget that information. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [PATCH] Extended SSL support in Nmap, (continued)
- Re: [PATCH] Extended SSL support in Nmap Kristof Boeynaems (Feb 21)
- Re: [PATCH] Extended SSL support in Nmap Brandon Enright (Feb 21)
- Re: [PATCH] Extended SSL support in Nmap Kristof Boeynaems (Feb 21)
- Re: [PATCH] Extended SSL support in Nmap doug (Feb 21)
- Re: [PATCH] Extended SSL support in Nmap Kristof Boeynaems (Feb 21)
- Re: [PATCH] Extended SSL support in Nmap, review David Fifield (Mar 02)
- Re: [PATCH] Extended SSL support in Nmap, review Kristof Boeynaems (Mar 03)
- Re: [PATCH] Extended SSL support in Nmap, review David Fifield (Mar 03)
- Re: [PATCH] Extended SSL support in Nmap, review Kristof Boeynaems (Mar 22)
- Re: [PATCH] Extended SSL support in Nmap, review David Fifield (Mar 30)
- Re: [PATCH] Extended SSL support in Nmap, review Kristof Boeynaems (Mar 31)
- Re: [PATCH] Extended SSL support in Nmap, review David Fifield (Mar 31)
- Re: [PATCH] Extended SSL support in Nmap, review Kristof Boeynaems (Mar 03)