Auditing the strength of cipher suites in SSL servers
SSL attacks are very popular these days, and it is very common to see servers accepting insecure cipher and compression methods. We can use Nmap to quickly evaluate the strength of the cipher suites used in servers in an automated way.
This recipe shows how to list and audit the strength of the cipher suites supported by a HTTPS server with Nmap.
How to do it...
Use the NSE script ssl-enum-ciphers
to obtain a list of supported cipher suites and their security rating:
$ nmap --script ssl-enum-ciphers -p 443 <host>
Warnings will be thrown if misconfigurations are detected:
PORT STATE SERVICE 443/tcp open https | ssl-enum-ciphers: | TLSv1.0: | ciphers: | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C | TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C | TLS_RSA_EXPORT1024_WITH_RC4_56_SHA...