Nmap Development mailing list archives
nmap-3.93 UDP service fingerprinting does not show the match
From: Martin Mačok <martin.macok () underground cz>
Date: Fri, 21 Oct 2005 09:57:35 +0200
Running nmap UDP version scanning against service with fingerprint in the database does not print the match: # nmap -P0 -d --version_trace -sUV -p53 localhost [..] Service scan match (Probe DNSVersionBindReq matched with DNSVersionBindReq): localhost (127.0.0.1):53 is domain. Version: |pdnsd||| [..] 53/udp open domain? Martin Mačok ICT Security Consultant Full dump: # nmap -P0 -d --version_trace -sUV -p53 localhost Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2005-10-21 09:48 CEST The max # of sockets we are using is: 0 Initiating UDP Scan against localhost (127.0.0.1) [1 port] at 09:48 Packet capture filter (device lo): dst host 127.0.0.1 and (icmp or (udp and (src host 127.0.0.1))) Discovered open|filtered port 53/udp on 127.0.0.1 The UDP Scan took 2.01s to scan 1 total ports. Fetchfile found /usr/share/nmap/nmap-service-probes Initiating service scan against 1 service on localhost (127.0.0.1) at 09:48 Starting probes against new service: 127.0.0.1:53 (udp) NSOCK (2.0480s) UDP connection requested to 127.0.0.1:53 (IOD #1) EID 8 NSOCK (2.0480s) nsock_loop() started (no timeout). 1 events pending NSOCK (2.0480s) Callback: CONNECT SUCCESS for EID 8 [127.0.0.1:53] NSOCK (2.0480s) Write request for 30 bytes to IOD #1 EID 19 [127.0.0.1:53]: .............version.bind..... NSOCK (2.0480s) Read request from IOD #1 [127.0.0.1:53] (timeout: 5000ms) EID 26 NSOCK (2.0480s) Callback: WRITE SUCCESS for EID 19 [127.0.0.1:53] NSOCK (2.0480s) Callback: READ SUCCESS for EID 26 [127.0.0.1:53] (30 bytes): .............version.bind..... Discovered open port 53/udp on 127.0.0.1 Service scan match (Probe DNSVersionBindReq matched with DNSVersionBindReq): localhost (127.0.0.1):53 is domain. Version: |pdnsd||| The service scan took 0.00s to scan 1 service on 1 host. Starting RPC scan against localhost (127.0.0.1) Fetchfile found /usr/share/nmap/nmap-rpc Fetchfile found /usr/share/nmap/nmap-services Host localhost (127.0.0.1) appears to be up ... good. Interesting ports on localhost (127.0.0.1): PORT STATE SERVICE VERSION 53/udp open domain? Final times for host: srtt: -1 rttvar: -1 to: 1000000 Nmap finished: 1 IP address (1 host up) scanned in 2.054 seconds Raw packets sent: 2 (56B) | Rcvd: 2 (56B) _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- nmap-3.93 UDP service fingerprinting does not show the match Martin Mačok (Oct 21)
- Re: nmap-3.93 UDP service fingerprinting does not show the match doug (Oct 21)
- Re: nmap-3.93 UDP service fingerprinting does not show the match Martin Mačok (Oct 21)
- Re: nmap-3.93 UDP service fingerprinting does not show the match Fyodor (Nov 07)
- Re: nmap-3.93 UDP service fingerprinting does not show the match doug (Oct 21)