[Openvas-plugins] SSL WEAK CIPHER : secpod_ssl_ciphers.nasl vs sslscan
Antu Sanadi
santu at secpod.com
Fri Feb 3 08:34:19 CET 2012
Hi,
Thanks for reporting issue. Let me check.
Regards,
Antu Sanadi
SecPod Technologies Pvt Ltd
On Thursday 02 February 2012 10:14 PM, Sebastien Aucouturier wrote:
> Hi,
>
> i got strange behaviour using secpod_ssl_ciphers.nasl (with timeout set to 1200 through GSAD)
>
> It returns :
> Server will not supports SSLv2 Ciphers.
> Server will not supports SSLv3 Ciphers.
> Server will not supports TLSv1 Ciphers.
> None of the weak ciphers are supported
>
> when sslscan show me :
>
> Supported Server Cipher(s):
> Accepted SSLv3 256 bits DHE-RSA-AES256-SHA
> Accepted SSLv3 256 bits AES256-SHA
> Accepted SSLv3 168 bits EDH-RSA-DES-CBC3-SHA
> Accepted SSLv3 168 bits DES-CBC3-SHA
> Accepted SSLv3 128 bits DHE-RSA-AES128-SHA
> Accepted SSLv3 128 bits AES128-SHA
> Accepted SSLv3 128 bits RC4-SHA
> Accepted SSLv3 128 bits RC4-MD5
> Accepted SSLv3 56 bits EDH-RSA-DES-CBC-SHA
> Accepted SSLv3 56 bits DES-CBC-SHA
> Accepted TLSv1 256 bits DHE-RSA-AES256-SHA
> Accepted TLSv1 256 bits AES256-SHA
> Accepted TLSv1 168 bits EDH-RSA-DES-CBC3-SHA
> Accepted TLSv1 168 bits DES-CBC3-SHA
> Accepted TLSv1 128 bits DHE-RSA-AES128-SHA
> Accepted TLSv1 128 bits AES128-SHA
> Accepted TLSv1 128 bits RC4-SHA
> Accepted TLSv1 128 bits RC4-MD5
> Accepted TLSv1 56 bits EDH-RSA-DES-CBC-SHA
> Accepted TLSv1 56 bits DES-CBC-SHA
>
> Prefered Server Cipher(s):
> SSLv3 256 bits DHE-RSA-AES256-SHA
> TLSv1 256 bits DHE-RSA-AES256-SHA
>
>
> Any idea or thing i can do to help to debug ?
>
> _______________________________________________
> Openvas-plugins mailing list
> Openvas-plugins at wald.intevation.org
> http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
More information about the Openvas-plugins
mailing list