New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Patch] prohibit RC4 as per RFC7465 #972

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
5 participants
@codarrenvelvindron

codarrenvelvindron commented Aug 15, 2017

As per RFC 7465,
We disallow the usage of RC4 cipher suites as they are no longer secure.

Reference:
https://tools.ietf.org/html/rfc7465

Codarren Velvindron

@nmap-bot nmap-bot closed this in ec0007c Sep 23, 2017

@nnposter

This comment has been minimized.

nnposter commented Sep 24, 2017

This issue has been closed in error. My apologies.
Could you please resubmit?

@codarrenvelvindron

This comment has been minimized.

codarrenvelvindron commented Sep 28, 2017

@dmiller-nmap : Thanks for reopening this pr.

@nmap-bot nmap-bot closed this in 9f494f6 Oct 9, 2017

@b4ldr

This comment has been minimized.

b4ldr commented Oct 9, 2017

im not familiar with this code path however it occurs to me that we would want a tool like nmap/ncat to be able to use weak encryption algorithms so that we can discover services that support them. can we pass ncat a switch to override the algorithms used?

@fyodor

This comment has been minimized.

fyodor commented Oct 18, 2017

Yes, I think you can still request the less secure ciphers by specifying them to --ssl-ciphers. It looks like this patch just defaults to only allowing the more secure set.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment