Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Extention to Fingerprint File

From: ken2400 () softhome net
Date: Wed, 04 Jun 2003 09:19:19 -0600
Hi All This I believe is somewhat related to what phreed_at_netarx.com wrote about, see his orig message below. I have been tasked to import the fingerprint file into our database. From what I can tell the file has two major fields, description and fingerprint. I am in need of expanding the description field to make it more useful for users of the IMAP program. I believe it would help to better identify what IMAP has found on a given network. I know this would take some effort BUT believe it would help all. New description layout Fingerprint Vendor IBM, Model OS running on RS/6000 hardware, Name AIX, Description Unix like OS, Version 3.2, Processor_arch RISC, Orig desc AIX 3.2 running on RS/6000 I think the above line or something like it would help the users of NMAP to get a better idea of what NMAP found on a given network. Has anyone else made this kind of change? Thanks for your time/help 






Orig message from phreed_at_netarx.com
-----------------------------------
I would like an alternate description line in the <nmap-os-fingerprints>
file.
This alternate line would appear in the XML output.
Example:
----nmap-os-fingerprint---------------
...
Fingerprint AXIS NetEye Camera Server V1.20 # Thanks to Pluvius
XML type="camera"
TSeq(Class=C)
...
# Thanks to Jan B. Koum (Cisco 2516,7500,7505)
Fingerprint Cisco IOS 11.3 - 12.0(11)" type="switch router"
XML type="switch router" layer="2"
...
---output--------------
...
<osmatch name="Axis 200+ Web Camera running OS v1.42"
type="camera"
accuracy="100"/>
...
<osmatch name="Cisco IOS 11.3 - 12.0(11)"
 type="switch router"
layer="2"
accuracy="100"/>
...
----------------- 

Clearly, I can get this behavior now by modifying the
<nmap-os-fingerprints> file.
Example:
----nmap-os-fingerprint---------------
...
Fingerprint AXIS NetEye Camera Server V1.20 # Thanks to Pluvius"
type="camera
...
---------------------------
Two problems with that:
- It is ugly
- It would screw up non-XML output 

If nobody has a problem with this change I will hack
the source and submit the patch.
Are there any other fields that could/should be included in the XML line?
I will modify the draft XSchema accordingly.
Thanks. 

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Previous By Date Next
Previous By Thread Next

Current thread: