Re: nmap

[Daniel Miller <bonsaiviking () gmail com>]

Hi, and thanks for reporting this. What version of Nmap are you using? The
ssl-enum-ciphers script is a very popular one that has undergone a lot of
changes, even recently. If you are not using the version in 6.49BETA6, then
you run the chance of missing things in odd circumstances.

If you are using a recent version, please include the output of the
following command (adjust port number if necessary):

nmap -p443 -d2 --script ssl-enum-ciphers $targetname

Dan

On Mon, Nov 16, 2015 at 4:20 PM, Berman, Mitchell F. <mfb1 () cumc columbia edu
> wrote:

> Hi nmap list--
>
> I noticed a thread from October that mentioned that ssl-enum-ciphers
> script does not detect SSLv2.
>
> I have a VMware appliance (SUSE Linux) that OpenSSL detects and connect to
> with cipher RC4-SHA using SSL3 or TLS1.1, but nmap does not find the
> RC4-SHA cipher using ssl-enum-ciphers.  (I'm in the process of hardening
> the VMware appliance.)
>
> Nmap finds only TLS1.0 ciphers (RC4-SHA is not included here) and no
> TLS1.1 or SSL3 ciphers.
>
> Should ssl-enum-ciphers be picking this up?
>
> It's curious, because on another Windows Server box with RC4 allowed (for
> testing), OpenSSL and nmap both find the RC4-SHA in SSL3 and TLS1.1.
>
> Not a firewall issue because nmap and openssl are loaded on the same
> workstation and going the same route.
>
> Regards,
>
> M Berman
>
>
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/