Nmap Announce mailing list archives
Re: Nmap 2.30BETA20 Released
From: "Alek O. Komarnitsky (N-CSC)" <alek () ast lmco com>
Date: Fri, 21 Apr 2000 21:59:03 -0600 (MDT)
From: Andrew Brown <atatat () atatdot net> Subject: Re: Nmap 2.30BETA20 Released To: Justin <jguyett () andrew cmu edu> Cc: nmap-hackers () insecure orgIdealy nmap would have a module to verify each servce it finds, so that (for example) an open port 443 wouldn't be reported as ssl / http if it isn't acting like a websserver.verifying that port 25 is an smtp server is relatively easy, likewise with 21 being ftp control, 22 being an ssh server, and 23 being a telnet server. the daytime and time services are likewise very easy to detect since they just spew; they don't accept. verifying that port 443 is actually an https server is decidedly non-trivial, not the least of which is because it waits for the client to say something before dropping you. it would require at least a minimal ssl stack, and some crypto tools, neither of which belong in the world's best port scanner.
FYI FWIW: nmap-web (URL listed below) has a checkbox that basically says: "try to tell me what is running on the port selected" It does this by opening up a socket connection and snarfing what is returned. Only a few well-defined services are setup (for instance, it will send a "POST / HTTP/1.0" to port 80 to get the web server info), but this could easily be expanded. You can also define an EXPECTED string ... and if you do NOT get that; then it will highlight it in red. This is useful for instance if you have a 1,000+ machines and you want to know which ones are NOT running sendmail8.9.3 ... useful to catch the "stranglers" so you know which ones to fix. alek P.S. nmap-web is linked to from the nmap home page and is at: http://www.komar.org/komar/alek/ -> Misc. Tech Stuff -> nmap-web
Current thread:
- Re: Nmap 2.30BETA20 Released, (continued)
- Re: Nmap 2.30BETA20 Released nmap-hackers (Apr 13)
- Re: Nmap 2.30BETA20 Released Andrew Brown (Apr 20)
- Re: Nmap 2.30BETA20 Released Max Vision (Apr 21)
- Re: Nmap 2.30BETA20 Released Jeffrey Paul (Apr 21)
- Re: Nmap 2.30BETA20 Released Max Vision (Apr 21)
- Re: Nmap 2.30BETA20 Released Andrew Brown (Apr 21)
- Re: Nmap 2.30BETA20 Released Max Vision (Apr 21)
- Re: Nmap 2.30BETA20 Released Justin (Apr 21)
- Re: Nmap 2.30BETA20 Released Andrew Brown (Apr 21)
- Re: Nmap 2.30BETA20 Released Dragos Ruiu (Apr 21)
- Re: Nmap 2.30BETA20 Released Fyodor (Apr 22)
- Re: Nmap 2.30BETA20 Released Alek O. Komarnitsky (N-CSC) (Apr 21)