Nmap Development mailing list archives
Incorrect Telnet Detection
From: Lionel Cons <lionel.cons () cern ch>
Date: Wed, 19 Mar 2008 16:04:45 +0100
I have recently scanned a clock that was running a telnet server which was mistakenly identified as a Nessus server: # nmap -sSV -p 23 1.2.3.4 [...] PORT STATE SERVICE VERSION 23/tcp open nessus Nessus Daemon (NTP v1.0) But: $ telnet 1.2.3.4 [...] Inova Solutions Digital Clock Welcome to OnTime Clock Version 1.2.N iclock login: Here is a suggested addition to nmap-service-probes to properly detect this service: match telnet m|^\xff\xfb\x01\xff\xfb\x03\s+Inova Solutions Digital Clock\s+Welcome to OnTime Clock Version ([\w\.]+)\s+iclock login:|s p/Inova Solutions Digital Clock/ v/$1/ d/clock/ Cheers, Lionel _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Incorrect Telnet Detection Lionel Cons (Mar 19)
- Re: Incorrect Telnet Detection Brandon Enright (Mar 19)