mirror of
https://github.com/nmap/nmap.git
synced 2025-12-13 19:29:04 +00:00
Add reference to SSL Labs Server Rating Guide
This commit is contained in:
dmiller
@@ -19,6 +19,9 @@ strength of the connection. The grade is based on the cryptographic strength of
|
|||||||
the key exchange and of the stream cipher. The message integrity (hash)
|
the key exchange and of the stream cipher. The message integrity (hash)
|
||||||
algorithm choice is not a factor. The output line beginning with
|
algorithm choice is not a factor. The output line beginning with
|
||||||
<code>Least strength</code> shows the strength of the weakest cipher offered.
|
<code>Least strength</code> shows the strength of the weakest cipher offered.
|
||||||
|
The scoring is based on the Qualys SSL Labs SSL Server Rating Guide, but does
|
||||||
|
not take protocol support (TLS version) into account, which makes up 30% of the
|
||||||
|
SSL Labs rating.
|
||||||
|
|
||||||
SSLv3/TLSv1 requires more effort to determine which ciphers and compression
|
SSLv3/TLSv1 requires more effort to determine which ciphers and compression
|
||||||
methods a server supports than SSLv2. A client lists the ciphers and compressors
|
methods a server supports than SSLv2. A client lists the ciphers and compressors
|
||||||
@@ -43,6 +46,9 @@ It is recommended to use this script in conjunction with version detection
|
|||||||
(<code>-sV</code>) in order to discover SSL/TLS services running on unexpected
|
(<code>-sV</code>) in order to discover SSL/TLS services running on unexpected
|
||||||
ports. For the most common SSL ports like 443, 25 (with STARTTLS), 3389, etc.
|
ports. For the most common SSL ports like 443, 25 (with STARTTLS), 3389, etc.
|
||||||
the script is smart enough to run on its own.
|
the script is smart enough to run on its own.
|
||||||
|
|
||||||
|
References:
|
||||||
|
* Qualys SSL Labs Rating Guide - https://www.ssllabs.com/projects/rating-guide/
|
||||||
]]
|
]]
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|||||||
Reference in New Issue
Block a user