Nmap Development mailing list archives
Re: [NSE] Extended ssl-enum-ciphers script
From: David Fifield <david () bamsoftware com>
Date: Tue, 12 Aug 2014 10:18:18 -0700
On Tue, Aug 12, 2014 at 11:15:02AM +0200, Bojan Zdrnja (SANS ISC) wrote:
Btw, according to this article that I later found: http://msdn.microsoft.com/en-us/library/windows/desktop/aa374757(v=vs.85).aspx Schannel on Windows supports a total of 55 ciphers (30 by default and 25 that have to be added), so with a normal setup on Windows there should never be a case when more than 64 ciphers are supported.
There definitely were cases in the past where not limiting tests to 64 ciphersuites at a time caused false measurements. An example domain was windowsupdate.microsoft.com back in 2012. http://seclists.org/nmap-dev/2010/q1/859 "it still can't return all seven that ssllabs.com and the old version of my script report" http://seclists.org/nmap-dev/2012/q3/161 "shows more ciphers with the slow method than the fast one" http://seclists.org/nmap-dev/2012/q3/167 "in groups of 64 or less, I've successfully tested against windowsupdate.microsoft.com" David Fifield _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Extended ssl-enum-ciphers script Bojan Zdrnja (SANS ISC) (Aug 10)
- Re: [NSE] Extended ssl-enum-ciphers script Daniel Miller (Aug 10)
- Re: [NSE] Extended ssl-enum-ciphers script Bojan Zdrnja (SANS ISC) (Aug 10)
- Re: [NSE] Extended ssl-enum-ciphers script Daniel Miller (Aug 11)
- Re: [NSE] Extended ssl-enum-ciphers script Royce Williams (Aug 11)
- Re: [NSE] Extended ssl-enum-ciphers script Daniel Miller (Aug 12)
- Re: [NSE] Extended ssl-enum-ciphers script Royce Williams (Aug 12)
- Re: [NSE] Extended ssl-enum-ciphers script Daniel Miller (Aug 12)
- Re: [NSE] Extended ssl-enum-ciphers script Bojan Zdrnja (SANS ISC) (Aug 10)
- Re: [NSE] Extended ssl-enum-ciphers script Daniel Miller (Aug 10)
- Re: [NSE] Extended ssl-enum-ciphers script Bojan Zdrnja (SANS ISC) (Aug 12)
- Re: [NSE] Extended ssl-enum-ciphers script Daniel Miller (Aug 12)
- Re: [NSE] Extended ssl-enum-ciphers script David Fifield (Aug 12)
- Re: [NSE] Extended ssl-enum-ciphers script Daniel Miller (Aug 12)