Nmap Development mailing list archives
Re: Service Detection: IBM DB2 Database Server
From: Matt Selsky <selsky () columbia edu>
Date: Fri, 13 Jun 2008 03:00:20 -0400
On Thu, Jun 12, 2008 at 09:16:54PM -0500, Tom Sellers wrote:
I have attached a file containing probes and match lines that detect IBM DB2 Database server. This should allow for the detection of DB2 ranging from 5.x.x to 9.x.x. Two of the match lines will return the version of DB2 with the 3rd only detecting the service. The primary DB2 port is TCP 523, with other services listening on 50000 and sometimes 50001. The proper query to 523 will reveal the DB platform, database names, file system path for the database, and network ports (50001,etc) I intend to write a NSE script that will acquire this information and display it. There are also more detailed version and build details that are encoded in EBCDIC that the script could pull out as well.
Try this match line instead to match DB2 servers running on non-Windows platforms: match ibm-db2 m|(?<=.)DB2/([^\0]+)\0\0\0\0\0\0\0\0\0.{1,3}\0\0\0\0\0\0\0SQL0(\d)(\d\d)(\d+)|s p/IBM DB2 Database Server/ v/$2.$3.$4/ o/$1/ -- Matt _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Service Detection: IBM DB2 Database Server Tom Sellers (Jun 12)
- Re: Service Detection: IBM DB2 Database Server Matt Selsky (Jun 13)
- Re: Service Detection: IBM DB2 Database Server Tom Sellers (Jun 13)
- Re: Service Detection: IBM DB2 Database Server Matt Selsky (Jun 13)