Nmap Development mailing list archives
Re: STOMP Probe
From: Lionel Cons <lionel.cons () cern ch>
Date: Mon, 21 Jan 2008 09:18:24 +0100
doug () hcsw org writes:
I would disagree with this. IMHO, it should be linked to the probability of finding the service during a scan. Popular services should be scanned by default, regardless of the fact that they may need a dedicated probe.That's an excellent point. Do you feel this probe is common enough for inclusion in the default scan?
No, I don't think that STOMP is common enough (yet).
Determining which services are the most common is a problem we have been thinking about for a while. If you (or anyone) has any ideas on measuring or estimating this, I think it would be a great discussion topic.
IMHO, we could ivent a way to collect Nmap statistics. For instance: (1) we scan our machines with Nmap (set of options to be defined) (2) we pass the results through some script that would output sanitised statistics (to be defined) such as this service has been found on this port or this probe found something in n% of the cases (3) we submit these stats to some web service, like it is done today for the fingerprint submission The results would not be very scientific but would maybe help to improve the probes and service detection. Cheers, Lionel _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- STOMP Probe Lionel Cons (Jan 15)
- Re: STOMP Probe doug (Jan 17)
- Re: STOMP Probe Lionel Cons (Jan 17)
- Re: STOMP Probe doug (Jan 18)
- Re: STOMP Probe Lionel Cons (Jan 21)
- Re: STOMP Probe Lionel Cons (Jan 17)
- Re: STOMP Probe doug (Jan 17)