Closed peternewman closed 2 years ago
Dear Peter,
Thanks for the PR, but I would rather not use nmap at all if a proxy is specified.
The check you fixed is just there to spare some time: if the port is closed I don't check with OpenSSL since s_client
will just wait for a timeout. Skipping it would do no harm.
I will also check all other nmap calls and disable them if a proxy is specified.
What do you think?
Matteo
I just committed a new version (67c9978) which disables nmap checks if a proxy is used: can you please test it and tell me if it solves the problem?
nmap doesn't work properly behind a proxy.
See e.g. https://subscription.packtpub.com/book/networking-and-servers/9781786467454/2/ch02lvl1sec37/scanning-through-proxies https://security.stackexchange.com/questions/120708/nmap-through-proxy
I wonder if we actually just need to skip these checks when the user has given a proxy?
There are also some other nmap based checks for SSL cypher types we'll need to check if they work still...