Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

ssl-enum-ciphers

From: Dave Smith <agentsmith77 () gmail com>
Date: Tue, 2 Jun 2015 16:09:06 +0100
Hi All,

https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html

Even the documentation page shows a sample output with a key exchange of
"dh 256", i've seen this repeatedly coming up on a number of specific DHE
ciphers which are not ECDHE (explaining such a low size).

TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 128)

TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 128)

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 128)

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 128)

TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 128)

TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 128)


I tried to find a rational explanation for the difference between a RSA Kex
and DH in the output , but didn't find it.


Could someone confirm if this is expected behaviour, and the brief reason,
or if it's misinterpreted by the script.


This was run on w2008 r2, with SVN 34457


thanks, Dave.

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: