Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-22 08:29:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Updated Man page (markdown)

Dirk Wetter 2017-06-13 00:11:47 +02:00
parent ae6b71f44f
commit f42346ff83
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Man-page.md

@ -37,9 +37,10 @@ All options requiring a value can be called with or without '=' e.g. ``testssl.s
Alternatively <fname> can be in nmap's grep(p)able output format (-oG). Only open ports will be considered. Currently only 1x port per line is allowed.
The ports can be different per line, however per mass testing run they can be either STARTTLS enabled ports OR plain TLS/SSL ports, not both.
nmap returns in that putput always IP addresses and -- only if there's a PTR DNS record available -- a hostname.
nmap returns in that output always IP addresses and -- only if there's a PTR DNS record available -- a hostname.
Unfortunately this hostname from nmap is not checked whether it matches the IP (A or AAAA record). testssl.sh does this for you:
if the A record of the hostname matches the IP address, the hostname is used and not the IP address. Please be careful: checks for the IP address might not hit the vhost you want.
if the A record of the hostname matches the IP address, the hostname is used and not the IP address.
Please be careful: checks against an IP address might not hit the vhost you aimed at.
--mode <serial|parallel> Mass testing to be done serial (default) or parallel (--parallel is shortcut for the latter)