PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 14:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Add reference to SSL Labs Server Rating Guide

Browse Source
This commit is contained in:
dmiller
2017-10-18 20:26:41 +00:00
parent 729824c7a3
commit ca91d27ae9
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/ssl-enum-ciphers.nse
View File

@@ -19,6 +19,9 @@ strength of the connection. The grade is based on the cryptographic strength of
the key exchange and of the stream cipher. The message integrity (hash)
algorithm choice is not a factor. The output line beginning with
<code>Least strength</code> shows the strength of the weakest cipher offered.
The scoring is based on the Qualys SSL Labs SSL Server Rating Guide, but does
not take protocol support (TLS version) into account, which makes up 30% of the
SSL Labs rating.
SSLv3/TLSv1 requires more effort to determine which ciphers and compression
methods a server supports than SSLv2. A client lists the ciphers and compressors
@@ -43,6 +46,9 @@ It is recommended to use this script in conjunction with version detection
(<code>-sV</code>) in order to discover SSL/TLS services running on unexpected
ports. For the most common SSL ports like 443, 25 (with STARTTLS), 3389, etc.
the script is smart enough to run on its own.
References:
* Qualys SSL Labs Rating Guide - https://www.ssllabs.com/projects/rating-guide/
]]
---