[Openvas-plugins] SSL WEAK CIPHER : secpod_ssl_ciphers.nasl vs sslscan

Antu Sanadi santu at secpod.com
Fri Feb 3 14:07:17 CET 2012 

Hi,

Fixed the issue and committed the updated plugin.
If you want to list all supported ciphers, you need enable
"List SSL Suported Ciphers" in Prefs section.

Please let me know if you found any issues.

Thank you!

Regards,
Antu Sanadi
SecPod Technologies Pvt Ltd

On Friday 03 February 2012 01:15 PM, Sébastien AUCOUTURIER wrote:
> i can give you 'in private' the website  for testing purpose if you need
> it.
>
> Le 2/3/2012 08:34, Antu Sanadi a écrit :
>> Hi,
>>
>> Thanks for reporting issue. Let me check.
>>
>> Regards,
>> Antu Sanadi
>> SecPod Technologies Pvt Ltd
>>
>> On Thursday 02 February 2012 10:14 PM, Sebastien Aucouturier wrote:
>>> Hi,
>>>
>>> i got strange behaviour using  secpod_ssl_ciphers.nasl  (with timeout
>>> set to 1200 through GSAD)
>>>
>>> It returns  :
>>>      Server will not supports SSLv2 Ciphers.
>>>      Server will not supports SSLv3 Ciphers.
>>>      Server will not supports TLSv1 Ciphers.
>>>      None of the weak ciphers are supported
>>>
>>> when sslscan show me :
>>>
>>>     Supported Server Cipher(s):
>>>       Accepted  SSLv3  256 bits  DHE-RSA-AES256-SHA
>>>       Accepted  SSLv3  256 bits  AES256-SHA
>>>       Accepted  SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
>>>       Accepted  SSLv3  168 bits  DES-CBC3-SHA
>>>       Accepted  SSLv3  128 bits  DHE-RSA-AES128-SHA
>>>       Accepted  SSLv3  128 bits  AES128-SHA
>>>       Accepted  SSLv3  128 bits  RC4-SHA
>>>       Accepted  SSLv3  128 bits  RC4-MD5
>>>       Accepted  SSLv3  56 bits   EDH-RSA-DES-CBC-SHA
>>>       Accepted  SSLv3  56 bits   DES-CBC-SHA
>>>       Accepted  TLSv1  256 bits  DHE-RSA-AES256-SHA
>>>       Accepted  TLSv1  256 bits  AES256-SHA
>>>       Accepted  TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
>>>       Accepted  TLSv1  168 bits  DES-CBC3-SHA
>>>       Accepted  TLSv1  128 bits  DHE-RSA-AES128-SHA
>>>       Accepted  TLSv1  128 bits  AES128-SHA
>>>       Accepted  TLSv1  128 bits  RC4-SHA
>>>       Accepted  TLSv1  128 bits  RC4-MD5
>>>       Accepted  TLSv1  56 bits   EDH-RSA-DES-CBC-SHA
>>>       Accepted  TLSv1  56 bits   DES-CBC-SHA
>>>
>>>     Prefered Server Cipher(s):
>>>       SSLv3  256 bits  DHE-RSA-AES256-SHA
>>>       TLSv1  256 bits  DHE-RSA-AES256-SHA
>>>
>>>
>>> Any idea or thing i can do to help to debug  ?
>>>
>>> _______________________________________________
>>> Openvas-plugins mailing list
>>> Openvas-plugins at wald.intevation.org
>>> http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
>>>
>> _______________________________________________
>> Openvas-plugins mailing list
>> Openvas-plugins at wald.intevation.org
>> http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
>

More information about the Openvas-plugins mailing list