
nmap shows detected additional cipher that is not part of cipher suite and bound to VIP

Samarjit Das

Output from sh cipher cipher-name

1)      Cipher Name: TLS1.2-ECDHE-RSA-AES128-GCM-SHA256 Priority : 1
        Description: TLSv1.2 Kx=ECC-DHE  Au=RSA  Enc=AES-GCM(128) Mac=AEAD   HexCode=0xc02f
2)      Cipher Name: TLS1.2-ECDHE-RSA-AES256-GCM-SHA384 Priority : 2
        Description: TLSv1.2 Kx=ECC-DHE  Au=RSA  Enc=AES-GCM(256) Mac=AEAD   HexCode=0xc030
3)      Cipher Name: TLS1-ECDHE-RSA-AES128-SHA  Priority : 3
        Description: SSLv3 Kx=ECC-DHE  Au=RSA  Enc=AES(128)  Mac=SHA1   HexCode=0xc013
4)      Cipher Name: TLS1-ECDHE-RSA-AES256-SHA  Priority : 4
        Description: SSLv3 Kx=ECC-DHE  Au=RSA  Enc=AES(256)  Mac=SHA1   HexCode=0xc014
5)      Cipher Name: TLS1.2-ECDHE-RSA-AES-128-SHA256    Priority : 5
        Description: TLSv1.2 Kx=ECC-DHE  Au=RSA  Enc=AES(128)  Mac=SHA-256   HexCode=0xc027
6)      Cipher Name: TLS1.2-ECDHE-RSA-AES-256-SHA384    Priority : 6
        Description: TLSv1.2 Kx=ECC-DHE  Au=RSA  Enc=AES(256)  Mac=SHA-384   HexCode=0xc028
7)      Cipher Name: TLS1.2-DHE-RSA-AES128-GCM-SHA256   Priority : 7
        Description: TLSv1.2 Kx=DH       Au=RSA  Enc=AES-GCM(128) Mac=AEAD   HexCode=0x009e
8)      Cipher Name: TLS1.2-DHE-RSA-AES256-GCM-SHA384   Priority : 8
        Description: TLSv1.2 Kx=DH       Au=RSA  Enc=AES-GCM(256) Mac=AEAD   HexCode=0x009f
9)      Cipher Name: TLS1.2-DHE-RSA-AES-128-SHA256      Priority : 9
        Description: TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA-256   HexCode=0x0067
10)     Cipher Name: TLS1.2-DHE-RSA-AES-256-SHA256      Priority : 10
        Description: TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA-256   HexCode=0x006b



nmap output:

443/tcp open  https?
| ssl-enum-ciphers:
|   TLSv1.1
|     Ciphers (2)
|     Compressors (1)
|       uncompressed
|   TLSv1.2
|     Ciphers (10)
|     Compressors (1)
|_      uncompressed




I don't think nmap shows additional ciphers.

It shows what ciphers are used with TLS 1.1 and which ones with TLS 1.2.

The ciphers on the list can be used with different protocols (TLS 1.1, TLS 1.2).

Protocol is one thing and the cipher is another thing.

Some ciphers work with some protocols and don't with other protocols.

For example, if you enable TLS 1.0 you will see in the scan what ciphers the server can use with the TLS 1.0 protocol.

At least this is what I have seen before.




This topic is now archived and is closed to further replies.
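
One way to check the reply's point mechanically, as an added example that is not part of the original thread: map the IANA cipher names nmap prints to the HexCode values from the cipher list, then report any scanned cipher that is not bound. The cipher-name lines in the sample scan are constructed, because the posted nmap output shows only the per-protocol counts; the function names are hypothetical.

```python
import re
# nmap (IANA) cipher names for the ten HexCode values in the post's cipher list
IANA = {
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 0xC02F, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 0xC030,
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": 0xC013, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": 0xC014,
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 0xC027, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": 0xC028,
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256": 0x009E, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384": 0x009F,
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256": 0x0067, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256": 0x006B,
}
# HexCode fields copied from the post's cipher list; the other columns are dropped
ADC = ("HexCode=0xc02f HexCode=0xc030 HexCode=0xc013 HexCode=0xc014 HexCode=0xc027 "
       "HexCode=0xc028 HexCode=0x009e HexCode=0x009f HexCode=0x0067 HexCode=0x006b")
# Constructed scan in the post's nmap format; name lines are assumed (post shows only counts)
NMAP = """| ssl-enum-ciphers:
|   TLSv1.1
|     Ciphers (2)
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|     Compressors (1)
|       uncompressed
|   TLSv1.2
|     Ciphers (10)
""" + "".join(f"|       {name}\n" for name in IANA)

def bound_codes(show_cipher_text):
    """Code points of the bound ciphers, taken from the HexCode= fields."""
    return {int(h, 16) for h in re.findall(r"HexCode=0x([0-9a-fA-F]{4})", show_cipher_text)}

def scan_ciphers(nmap_text):
    """Map each protocol heading in ssl-enum-ciphers output to its cipher names."""
    result, proto = {}, None
    for line in nmap_text.splitlines():
        item = line.lstrip("|_ ").strip()
        if re.fullmatch(r"(SSLv3|TLSv1\.\d):?", item):
            proto = item.rstrip(":")
            result[proto] = set()
        elif proto and re.match(r"TLS_[A-Z0-9_]+", item):
            result[proto].add(item.split()[0])  # drop any trailing strength grade
    return result

def extra_ciphers(show_cipher_text, nmap_text):
    """Names seen on any protocol whose code point is not in the bound list."""
    bound = bound_codes(show_cipher_text)
    seen = set().union(*scan_ciphers(nmap_text).values())
    return sorted(n for n in seen if IANA.get(n) not in bound)

if __name__ == "__main__":
    print("offered but not bound:", extra_ciphers(ADC, NMAP))
```

A name missing from the IANA table is reported as not bound, so a cipher outside the group shows up in the result instead of being skipped.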