Nmap Development mailing list archives
Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005
From: Tom Sellers <nmap () fadedcode net>
Date: Thu, 28 Feb 2008 20:35:08 -0600
Tom Sellers wrote: > Fyodor wrote: >> On Tue, Jan 08, 2008 at 06:54:02PM -0600, Tom Sellers wrote: >>> Based on the feedback from Doug and Fyodor I have generated a >>> probe/match set for Microsoft SQL Server 2000 and 2005. MS SQL >>> Server's response to the probe includes the major and minor >>> software revision in hex. >> Hi Tom. Would you send us your latest version of this? One nit is >> that the version information should be in v// and not the program name >> (p//) field. Maybe including the year in the product name is OK >> (e.g. Microsoft SQL Server 2005), but the build number and SP should >> probably be in v// or i// fields as appropriate. See >> http://insecure.org/nmap/vscan/vscan-fileformat.html#vscan-db-match . >> >> Cheers, >> -Fyodor >> >> > > > Thomas Buchanan made several excellent improvements to this on > Feb 7 and 8th. I think the only remaining items are addressing > your concerns about the versions being in the p// field. I will > submit a patch tonight that has these changes made. I have been > a bit torn on which data to put in which field. After looking at > the command line and XML output I think I have settled on putting > the Service Pack in the version field (v//) and the build in the > information field (i//). > > For example: v/SP3/ i/Build:8.00.760/ > > I welcome any comments concerning preferences or nmap conventions > on this. > > Tom > I have produced two patches, one with the Build number in the info field and another with the Service Pack number in the info field. I prefer the one with the Build number in the info field, but you folks know what best fits with nmap conventions. Please let me know if the patch files are not correct or if they need to be improved. Tom
Attachment:
nmap-service-probes.build.in.info
Description:
Attachment:
nmap-service-probes.build.in.version
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005, (continued)
- Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005 Fyodor (Jan 10)
- Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005 doug (Jan 13)
- Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005 Fyodor (Jan 13)
- RE: Microsoft SQL Server fingerprints for SQL 2000 and 2005 Thomas Buchanan (Feb 07)
- Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005 Fyodor (Feb 07)
- RE: Microsoft SQL Server fingerprints for SQL 2000 and 2005 Thomas Buchanan (Feb 08)
- Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005 Fyodor (Feb 08)
- Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005 Tom Sellers (Feb 28)
- Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005 Tom Sellers (Feb 28)