Nmap Development mailing list archives

Re: [NSE] More cipher suites needed in ssl-date

From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 22 Jul 2014 20:52:32 -0500

On Tue, Jul 22, 2014 at 6:38 PM, <nnposter () users sourceforge net> wrote:

I fully agree with your reasoning of adding a mandatory cipher suite
but I would still also argue for the 3DES cipher suite because Windows
Server 2003 does not seem to support AES without installing KB948963.


[1] http://support.microsoft.com/kb/948963



Thanks! This is very useful info, and I have accordingly added the
TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher suite as well. Ideally, we would let
ssl-enum-ciphers register a list of known-good ciphersuites so that later
scripts could just use one of those, but that would not help in the case
where the user chooses not to run ssl-enum-ciphers.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] More cipher suites needed in ssl-date nnposter (Jul 22)
- Re: [NSE] More cipher suites needed in ssl-date Daniel Miller (Jul 22)
  - Re: [NSE] More cipher suites needed in ssl-date nnposter (Jul 22)
    - Re: [NSE] More cipher suites needed in ssl-date Daniel Miller (Jul 22)