Skip to content

[Patch] prohibit RC4 as per RFC7465#972

Closed
codarrenvelvindron wants to merge 1 commit intonmap:masterfrom
codarrenvelvindron:master
Closed

[Patch] prohibit RC4 as per RFC7465#972
codarrenvelvindron wants to merge 1 commit intonmap:masterfrom
codarrenvelvindron:master

Conversation

@codarrenvelvindron
Copy link

@codarrenvelvindron codarrenvelvindron commented Aug 15, 2017

As per RFC 7465,
We disallow the usage of RC4 cipher suites as they are no longer secure.

Reference:
https://tools.ietf.org/html/rfc7465

@nmap-bot nmap-bot closed this in ec0007c Sep 23, 2017
@nnposter
Copy link

nnposter commented Sep 24, 2017

This issue has been closed in error. My apologies.
Could you please resubmit?

@nnposter nnposter mentioned this pull request Sep 24, 2017
Closed
@dmiller-nmap dmiller-nmap reopened this Sep 24, 2017
@codarrenvelvindron
Copy link
Author

codarrenvelvindron commented Sep 28, 2017

@dmiller-nmap : Thanks for reopening this pr.

@nmap-bot nmap-bot closed this in 9f494f6 Oct 9, 2017
@b4ldr
Copy link

b4ldr commented Oct 9, 2017

im not familiar with this code path however it occurs to me that we would want a tool like nmap/ncat to be able to use weak encryption algorithms so that we can discover services that support them. can we pass ncat a switch to override the algorithms used?

@fyodor
Copy link
Member

fyodor commented Oct 18, 2017

Yes, I think you can still request the less secure ciphers by specifying them to --ssl-ciphers. It looks like this patch just defaults to only allowing the more secure set.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@codarrenvelvindron @nnposter @b4ldr @fyodor @dmiller-nmap