Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Service match for ZOT HTTP server and some corrections...

From: Martin Mačok <martin.macok () underground cz>
Date: Mon, 27 Dec 2004 12:52:22 +0100
On Mon, Dec 27, 2004 at 02:06:23AM +0100, Tomás García-Merás wrote:


 yet another match: (in response to the "TCP GetRequest" probe):


Seems OK to me. Next time, sending a "diff -u" would be more
convenient, or you could just fill it to the service fingerprints
submission webpage.


nmap 3.78 identifies the device as:

Device type: print server
Running: Hawking embedded
OS details: Hawking PS12U Embedded Print Server

and nmap 3.75 identifies it as:

Device type: print server
Running: Hawking embedded, Zero One embedded, EUSSO embedded
OS details: Print Server: Zero One Tech 3000, Hawking PN7117, or EUSSO 
UPS1211-B

Why the change? nmap 3.78 is detecting a different OS fingerprint than 
3.75, don't know why...


Probably, various people have submitted the fingerprints to the
webpage and identified them differently. Fyodor updated the OS
fingerprints then ...


Anyway, there's no such "Hawking embedded" nor "Eusso embedded", both 
companies sells repackaged Zero One Technology print servers


Thank you for clarification.


So, I think we should change some fingerprints on nmap (please
anyone check this!):


Seems OK to me but I am not sure if we want to tell to the user the
name of the real OS inside (ZOT firmware) or tell her the product name
(Hawking/Eusso) too ...


From:

...

To:

...

"diff -u" output would be more convenient here too (saving us the time
to paste them to the files and run (xx)diff to see the changes).


PS: Sorry for my bad english...


... definitely not worse than mine ;-)

P.S. (to Fyodor) I've created the patches. Just tell me when you are
ready and I will send them all (including others) in a batch to you,
I don't want to "flood" the mailing list by the time ...

Martin Mačok
IT Security Consultant

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org
Previous By Date Next
Previous By Thread Next

Current thread: