Re: Service Detection: IBM DB2 Database Server

[Matt Selsky <selsky () columbia edu>]

On Thu, Jun 12, 2008 at 09:16:54PM -0500, Tom Sellers wrote:
> I have attached a file containing probes and match lines that detect IBM
> DB2 Database server.  This should allow for the detection of DB2 ranging
> from 5.x.x to 9.x.x.  Two of the match lines will return the version of
> DB2 with the 3rd only detecting the service.
>
> The primary DB2 port is TCP 523, with other services listening on 50000
> and sometimes 50001.  The proper query to 523 will reveal the DB platform,
> database names, file system path for the database, and network ports (50001,etc)
> I intend to write a NSE script that will acquire this information and
> display it.  There are also more detailed version and build details that
> are encoded in EBCDIC that the script could pull out as well.

Try this match line instead to match DB2 servers running on non-Windows 
platforms:

match ibm-db2 m|(?<=.)DB2/([^\0]+)\0\0\0\0\0\0\0\0\0.{1,3}\0\0\0\0\0\0\0SQL0(\d)(\d\d)(\d+)|s p/IBM DB2 Database 
Server/ v/$2.$3.$4/ o/$1/


-- 
Matt

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org