Security Basics mailing list archives
don't understand the output of nmap -sV
From: "Lentes, Bernd" <bernd.lentes () helmholtz-muenchen de>
Date: Sat, 14 Dec 2013 01:50:20 +0100
Hi, i try to check if a SNMP service is available. I did the following: pc59093:~ # nmap -sU -sV -p161,162 pc53200 The response was: Starting Nmap 4.75 ( http://nmap.org ) at 2013-12-13 21:59 CET Interesting ports on pc53200.xxxxxxxxxxxxx: PORT STATE SERVICE VERSION 161/udp open snmp SNMPv3 server 162/udp open snmp SNMPv3 server 2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port161-UDP:V=4.75%I=7%D=12/13%Time=52AB752E%P=x86_64-suse-linux-gnu%r( SF:SNMPv3GetRequest,73,"0q\x02\x01\x030\x0f\x02\x02Ji\x02\x03\0\xff\xe3\x0 SF:4\x01\0\x02\x01\x03\x04\$0\"\x04\x11\x80\0\x1f\x88\x80\xc0d\xa6d7\xcb\x SF:89H\0\0\0\0\x02\x02\x03\x19\x02\x03\x01i\xf2\x04\0\x04\0\x04\x0005\x04\ SF:x11\x80\0\x1f\x88\x80\xc0d\xa6d7\xcb\x89H\0\0\0\0\x04\0\xa8\x1e\x02\x02 SF:7\xf0\x02\x01\0\x02\x01\x000\x120\x10\x06\n\+\x06\x01\x06\x03\x0f\x01\x SF:01\x04\0A\x02\x01\n"); ==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)============== SF-Port162-UDP:V=4.75%I=7%D=12/13%Time=52AB7551%P=x86_64-suse-linux-gnu%r( SF:SNMPv3GetRequest,56,"0T\x02\x01\x030\x0e\x02\x02Ji\x02\x02\x05\xdc\x04\ SF:x01\0\x02\x01\x03\x04\x1a0\x18\x04\x07initial\x02\x01\x01\x02\x04\0\xb2 SF:\x1d\x06\x04\0\x04\0\x04\x000#\x04\0\x04\0\xa8\x1d\x02\x027\xf0\x02\x01 SF:\0\x02\x01\x000\x110\x0f\x06\n\+\x06\x01\x06\x03\x0f\x01\x01\x04\0A\x01 SF:\0"); Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 46.56 seconds On one hand, the response said it's a SNMPv3 server. On the other hand nmap said it can't recognize the service. That does not make sense to me. Thanks for any help Bernd -- Bernd Lentes Systemadministration Institut für Entwicklungsgenetik Gebäude 35.34 - Raum 208 HelmholtzZentrum münchen bernd.lentes () helmholtz-muenchen de phone: +49 89 3187 1241 fax: +49 89 3187 2294 http://www.helmholtz-muenchen.de/idg Die Freiheit wird nicht durch weniger Freiheit verteidigt Helmholtz Zentrum München Deutsches Forschungszentrum für Gesundheit und Umwelt (GmbH) Ingolstädter Landstr. 1 85764 Neuherberg www.helmholtz-muenchen.de Aufsichtsratsvorsitzende: MinDir´in Bärbel Brumme-Bothe Geschäftsführer: Prof. Dr. Günther Wess, Dr. Nikolaus Blum, Dr. Alfons Enhsen Registergericht: Amtsgericht München HRB 6466 USt-IdNr: DE 129521671 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- don't understand the output of nmap -sV Lentes, Bernd (Dec 18)
- Re: don't understand the output of nmap -sV Luther Blissett (Dec 22)