nmap 으로 해당서버의 ciphers 리스트 확인하기 > IT 기술백서

[code]

nmap –script ssl-enum-ciphers.nse xxx.co.kr -p 443

[/code]

 

출력결과

[code]

Starting Nmap 6.40 ( http://nmap.org ) at 2020-11-25 11:10 KST

Nmap scan report for xxx.co.kr (211.x.x.x)

Host is up (0.0066s latency).

PORT    STATE SERVICE

443/tcp open  https

| ssl-enum-ciphers:

|   SSLv3: No supported ciphers found

|   TLSv1.0:

|     ciphers:

|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_RC4_128_SHA – strong

|       TLS_RSA_WITH_3DES_EDE_CBC_SHA – strong

|       TLS_RSA_WITH_AES_128_CBC_SHA – strong

|       TLS_RSA_WITH_AES_256_CBC_SHA – strong

|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA – strong

|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA – strong

|       TLS_RSA_WITH_IDEA_CBC_SHA – weak

|       TLS_RSA_WITH_RC4_128_MD5 – strong

|       TLS_RSA_WITH_RC4_128_SHA – strong

|       TLS_RSA_WITH_SEED_CBC_SHA – strong

|     compressors:

|       NULL

|   TLSv1.1:

|     ciphers:

|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_RC4_128_SHA – strong

|       TLS_RSA_WITH_3DES_EDE_CBC_SHA – strong

|       TLS_RSA_WITH_AES_128_CBC_SHA – strong

|       TLS_RSA_WITH_AES_256_CBC_SHA – strong

|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA – strong

|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA – strong

|       TLS_RSA_WITH_IDEA_CBC_SHA – weak

|       TLS_RSA_WITH_RC4_128_MD5 – strong

|       TLS_RSA_WITH_RC4_128_SHA – strong

|       TLS_RSA_WITH_SEED_CBC_SHA – strong

|     compressors:

|       NULL

|   TLSv1.2:

|     ciphers:

|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 – strong

|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 – strong

|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA – strong

|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 – strong

|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 – strong

|       TLS_ECDHE_RSA_WITH_RC4_128_SHA – strong

|       TLS_RSA_WITH_3DES_EDE_CBC_SHA – strong

|       TLS_RSA_WITH_AES_128_CBC_SHA – strong

|       TLS_RSA_WITH_AES_128_CBC_SHA256 – strong

|       TLS_RSA_WITH_AES_128_GCM_SHA256 – strong

|       TLS_RSA_WITH_AES_256_CBC_SHA – strong

|       TLS_RSA_WITH_AES_256_CBC_SHA256 – strong

|       TLS_RSA_WITH_AES_256_GCM_SHA384 – strong

|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA – strong

|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA – strong

|       TLS_RSA_WITH_IDEA_CBC_SHA – weak

|       TLS_RSA_WITH_RC4_128_MD5 – strong

|       TLS_RSA_WITH_RC4_128_SHA – strong

|       TLS_RSA_WITH_SEED_CBC_SHA – strong

|     compressors:

|       NULL

|_  least strength: weak

[/code]