Checking the SSL/TLS versions and cipher suites a site supports with nmap

I previously wrote a note titled "Testing HTTPS connections with a specified SSL/TLS version using the openssl command". Compared with openssl, nmap makes it easier to display the SSL/TLS versions and cipher suites a given site supports. Concretely, run nmap -sV --script ssl-enum-ciphers -p 443 [FQDN]. This time I am posting the results of running it against www.apple.com and www.kantei.go.jp as samples.

www.apple.com

~$ nmap -sV --script ssl-enum-ciphers -p 443 www.apple.com
Starting Nmap 7.94 ( https://nmap.org ) at 2024-02-03 21:33 JST
Nmap scan report for www.apple.com (23.37.116.246)
Host is up (0.0059s latency).
Other addresses for www.apple.com (not scanned): 2600:140b:a00:69e::1aca 2600:140b:a00:6ad::1aca
rDNS record for 23.37.116.246: a23-37-116-246.deploy.static.akamaitechnologies.com

PORT    STATE SERVICE  VERSION
443/tcp open  ssl/http AkamaiGHost (Akamai's HTTP Acceleration/Mirror service)
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|   TLSv1.1:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|   TLSv1.3:
|     ciphers:
|       TLS_AKE_WITH_AES_128_CCM_8_SHA256 (secp256r1) - A
|       TLS_AKE_WITH_AES_128_CCM_SHA256 (secp256r1) - A
|       TLS_AKE_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_AKE_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_AKE_WITH_CHACHA20_POLY1305_SHA256 (secp256r1) - A
|     cipher preference: client
|_  least strength: A
|_http-server-header: Apple

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.63 seconds

www.kantei.go.jp

~$ nmap -sV --script ssl-enum-ciphers -p 443 www.kantei.go.jp
Starting Nmap 7.94 ( https://nmap.org ) at 2024-02-03 21:32 JST
Nmap scan report for www.kantei.go.jp (13.33.5.18)
Host is up (0.015s latency).
Other addresses for www.kantei.go.jp (not scanned): 2600:9000:221b:4c00:0:e7be:3c80:93a1 2600:9000:221b:8400:0:e7be:3c80:93a1 2600:9000:221b:e200:0:e7be:3c80:93a1 2600:9000:221b:a800:0:e7be:3c80:93a1 2600:9000:221b:c000:0:e7be:3c80:93a1 2600:9000:221b:d400:0:e7be:3c80:93a1 2600:9000:221b:f800:0:e7be:3c80:93a1 2600:9000:221b:ac00:0:e7be:3c80:93a1 13.33.5.31 13.33.5.108 13.33.5.98
rDNS record for 13.33.5.18: server-13-33-5-18.nrt51.r.cloudfront.net

PORT    STATE SERVICE  VERSION
443/tcp open  ssl/http Amazon CloudFront httpd
| http-server-header:
|   CloudFront
|_  none
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ecdh_x25519) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ecdh_x25519) - A
|     compressors:
|       NULL
|     cipher preference: server
|   TLSv1.3:
|     ciphers:
|       TLS_AKE_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
|       TLS_AKE_WITH_AES_256_GCM_SHA384 (ecdh_x25519) - A
|       TLS_AKE_WITH_CHACHA20_POLY1305_SHA256 (ecdh_x25519) - A
|     cipher preference: server
|_  least strength: A

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
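As an added illustration (not part of the original note, and not nmap's own code), the following Python script parses the normal-format ssl-enum-ciphers output shown above and lists hardening findings that the per-suite letter grade does not convey. In the www.apple.com output every suite is graded A and the summary reads "least strength: A", yet TLSv1.0 and TLSv1.1 are offered, both of which are deprecated by RFC 8996, and several TLS_RSA_* suites use static RSA key exchange with no forward secrecy. The sample block embedded in the script is a constructed abbreviation of that output; the forward-secrecy and CBC heuristics are the example's own, not nmap's.

```python
"""Summarise nmap ssl-enum-ciphers output from a hardening point of view.

Added example for this note (not part of nmap or of the original post).
Assumptions: input is nmap's normal text output as shown above; the
letter after each suite is nmap's own grade, which rates the cipher
suite and says nothing about whether the protocol version is deprecated.
"""
import re
import sys

# Constructed sample: an abbreviated ssl-enum-ciphers block in the same
# layout as the real output shown above ('|' prefixes NSE script lines).
SAMPLE_OUTPUT = """\
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|   TLSv1.3:
|     ciphers:
|       TLS_AKE_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|     cipher preference: client
|_  least strength: A
"""

# SSLv3 is deprecated by RFC 7568, TLS 1.0 and 1.1 by RFC 8996.
DEPRECATED_VERSIONS = {"SSLv3", "TLSv1.0", "TLSv1.1"}

# "|   TLSv1.2:"  -> protocol version header
VERSION_RE = re.compile(r"^\|\s+(SSLv3|TLSv1\.[0-3]):\s*$")
# "|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A"
# The parenthesised key-exchange parameters are optional to be lenient.
CIPHER_RE = re.compile(r"^\|\s+(TLS_\S+)(?: \(([^)]*)\))? - ([A-F])\s*$")


def parse_ssl_enum_ciphers(text):
    """Map each offered protocol version to its list of
    (suite, key-exchange parameters, nmap grade) tuples."""
    versions = {}
    current = None
    for line in text.splitlines():
        m = VERSION_RE.match(line)
        if m:
            current = m.group(1)
            versions.setdefault(current, [])
            continue
        m = CIPHER_RE.match(line)
        if m and current is not None:
            versions[current].append((m.group(1), m.group(2), m.group(3)))
    return versions


def has_forward_secrecy(suite):
    """TLS 1.3 suites (shown by nmap as TLS_AKE_*) always use an ephemeral
    key exchange; for TLS 1.2 and below only (EC)DHE suites do."""
    return suite.startswith("TLS_AKE_") or "_ECDHE_" in suite or "_DHE_" in suite


def findings(versions):
    """Plain-text hardening findings, independent of nmap's letter grades."""
    out = []
    for version in sorted(versions):
        if version in DEPRECATED_VERSIONS:
            out.append(f"{version} is offered (deprecated protocol version)")
        for suite, _params, _grade in versions[version]:
            if not has_forward_secrecy(suite):
                out.append(f"{version}: {suite} lacks forward secrecy")
            if "_CBC_" in suite:
                out.append(f"{version}: {suite} is a CBC-mode suite; prefer AEAD (GCM/CHACHA20)")
    return out


if __name__ == "__main__":
    # Usage: nmap -sV --script ssl-enum-ciphers -p 443 host | python3 tls_summary.py
    # With no piped input the constructed sample above is analysed instead.
    text = SAMPLE_OUTPUT if sys.stdin.isatty() else sys.stdin.read()
    parsed = parse_ssl_enum_ciphers(text)
    for version, suites in parsed.items():
        print(f"{version}: {len(suites)} suite(s)")
    for finding in findings(parsed):
        print("  -", finding)
```

Run on the www.apple.com output above, the script reports TLSv1.0 and TLSv1.1 as deprecated versions and every TLS_RSA_* suite as lacking forward secrecy; run on the www.kantei.go.jp output it reports only the two TLSv1.2 CBC suites, since that server offers no legacy versions and only ECDHE key exchange. Treating "least strength: A" as a pass would miss the first set of findings entirely.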