How to use the 'nmap' tool to determine which protocols and cipher suites are in use in an Qlik environment

Summary:

It is helpful to know which protocols and cipher suites are offered by a service or process. For example, when you troubleshoot connection issues in an Qlik Sense environment with either:

• Secure Sockets Layer (SSL)
  Or
• Transport Layer Security (TLS)

This article describes how to use the open-source nmap tool to identify protocols and cipher suites.

The open-source nmap tool can list the cipher suites and protocols supported by a process that listens on a given port.

NOTE: The examples below are given for when nmap is run on a Windows system. It is also available for other operating systems and the command line is the same.

1. Obtain and install the latest version of nmap at https://nmap.org. The nmap tool does not have to be installed on the same system as the port you want to query. But it must be installed on a system that can connect to the target system.
   
   Example: If you are troubleshooting connections between an Qlik Server and an SQL Server, you do not have to install nmap on the SQL Server itself.
   
   WARNING:
• ​​It is not recommended that you install the full version of nmap on the Qlik server or the SQL Server. The full installation using the executable installer includes the npcap packet capture library. The full install creates a new network adaptor, which is used by the Qlik server or SQL Server. The full install can cause disruption with services connecting to those servers. For this reason, Qlik recommends that you install the full version of nmap on a separate system that can access the target that you want to scan.
• If it is not possible to use a separate system, and you must use the Qlik server, Qlik recommends that you install the command-line version. The command-line version does not install the npcap library automatically. You must install the Visual C++ 2013 Redistributable package from Microsoft.
   
2. On the system where you have installed nmap, open a command window as an administrator:

1. Press the Windows key + R.
2. In the Run box, type cmd, and then press Ctrl+Shift+Enter.
3. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
    
1. Navigate to the folder where nmap is installed. 
   
   NOTE: The command used by nmap requires the following pieces of information:
1. The host name or IP address of the system that is hosting the service you want to query.
2. The port to connect to, which is the port that the service is listening on.
    
2. Run the following command:
   
   nmap -sV --script ssl-enum-ciphers -p [port] [host_name]
   
   Where:
1. [port] is the port to scan.
2. [host_name] is the name or IP address of the target system.

Example: If you wanted to scan an SQL Server on a system called SQLServer that was listening on port 1433, the command would be:

nmap -sV --script ssl-enum-ciphers -p 1433 SQLServer

The above command scans the relevant port and outputs the results to the command window.

When you want to save the results to a file, you can either:

• Cut and paste from the command window
  Or
• You can run the command again and redirect the output to a file. For example:

nmap -sV --script ssl-enum-ciphers -p 1433 SQLServer > C:\Ciphers.txt

The above command saves the results to C:\Ciphers.txt