[Openvas-devel] ssl cipher plugin released

Veerendra GG veerendragg at secpod.com
Thu Apr 15 08:16:29 CEST 2010 

Thomas,

Presently we have that feature in the plugin, but presently it is disabled.
If we change value of 'check_sup_ciphers'  FALSE to TRUE, then it will
list out all the supported ciphers along with weak cipher list. But only 
the
problem is, it will take too much of time as there are 200+ ciphers.
Hence it has been disabled.

We will go according to group suggestions. We can add option in the
user preference to enable/disable this feature according to user selection.

Please let us know, is there any issue with this approach or any other
suggestions.

Thank you,
Veerendra GG


Thomas Reinke wrote:
> Just a thought - there may also be some value in reporting
> an informational entry in an audit listing all ciphers
> supported on an SSL connection (regardless of their known
> strength). Sort of like what is done for web server banners.
>
> Thomas
>
>
> Veerendra GG wrote:
>   
>> All,
>>
>> ssl cipher nasl plugin has been released to svn.
>> secpod_ssl_ciphers.nasl
>> secpod_ssl_ciphers.inc
>>
>> This nasl plugin will identify and list out the weak ciphers
>> supported by server for sslv2, sslv3 and tlsv1 protocols.
>>
>> The weak cipher list has been taken from ssl enum tool.
>> http://code.google.com/p/ssl-enum
>>
>> feedback are always welcome.. :)
>>
>>
>> -- 
>> regards,
>> Veerendra GG
>>
>> Security Research Analyst @ SecPod
>> Phone : 91-9886535533
>>
>> #L-16, 3rd Cross, 26th Main Road,
>> 1st Phase, JP Nagar, Bangalore-78
>> Tel: 91-80-41214020
>> Fax: 91-80-41214020
>> http://www.secpod.com
>>
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Openvas-devel mailing list
>> Openvas-devel at wald.intevation.org
>> http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
>>     
>
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.wald.intevation.org/pipermail/openvas-devel/attachments/20100415/91ccefad/attachment.htm

More information about the Openvas-devel mailing list