Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] SSL Fingerprint Matching

From: Toni Ruottu <toni.ruottu () iki fi>
Date: Thu, 6 Jan 2011 22:01:22 +0200
Nice work. Why are we worried about the fingerprint file size? Nmap
all ready ships with operating system detection and software version
identifying databases. How big do we expect the SSL fingerprint file
to become?

On Tue, Dec 21, 2010 at 5:37 AM, Mak Kolybabi <mak () kolybabi com> wrote:

Attached is a script that connects to SSL services and checks if the host's
fingerprint is in a given list. Also attached is a list containing the 2011
fingerprints from Little Black Box 0.1. While I have used this list by default,
other lists such as the Debian blacklist could be used as well. Each fingerprint
is associated with a short message to state why it is in the list, or where it
came from.

If we had compression libraries available, including these lists of fingerprints
with Nmap would be easier.

Comments, concerns, criticism, and testing are appreciated.

--
Mak Kolybabi
<mak () kolybabi com>

() ASCII Ribbon Campaign | Against HTML e-mail
/\  www.asciiribbon.org  | Against proprietary extensions

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: