Nmap Development mailing list archives
Re: m|| versus m||s in nmap-service-probes
From: doug () hcsw org
Date: Sat, 15 Dec 2007 16:22:07 -0800
Hi Lionel! On Mon, Dec 10, 2007 at 11:19:31AM +0100 or thereabouts, Lionel Cons wrote:
Most (all?) of these patterns dealing with binary data should IMHO use m||s instead of m||. I append below a list of patterns that seem to match binary data but I think that all patterns should be reviewed manually to check whether the "s" option is used correctly or not.
Thanks for doing this! I went through your list of match lines and added the s modifier to most of them and committed the new version to SVN. Especially for cases like X11, I consider not having the s modifier on these lines to be a bug. I have had to go back and add them before in the past! Your perl script was a great idea and I think will result in more accurate version scans against many binary services including X11 and postgres. Thanks again for all your suggestions! Doug PS. This change does touch a lot of match lines, however, and although I don't expect any problems, any testing of the new probes file is of course appreciated. PPS. I didn't add s modifiers to any of the telnet probes because I didn't think it was necessary. Although telnetds often do spit out lots of binary crap, I still usually think of them as ASCII, line based protocols.
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- m|| versus m||s in nmap-service-probes Lionel Cons (Dec 10)
- Re: m|| versus m||s in nmap-service-probes doug (Dec 10)
- Re: m|| versus m||s in nmap-service-probes doug (Dec 15)