Nmap Development mailing list archives
Re: NSock error when scanning nessusd
From: Tom Sellers <nmap () fadedcode net>
Date: Fri, 13 Jun 2008 22:10:52 -0500
Brandon Enright wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I too have noticed that when Nmap encounters a Nsock error it aborts abruptly. Although sometime undesirable, I haven't looked into the "problem" enough to decide if there is a more graceful error handling technique that can be used. I've been doing a giant (hundreds of millions of hosts) SSL survey of the Internet for a while now and run into this many times with Nmap/OpenSSL. My guess is that there is a way to tell OpenSSL to try SSL 3/2 and on failure fall back on TLS 1 but I haven't looked into it because the problem is rare enough that it doesn't matter for my survey project. I know several Nmap developers are working on different aspects of OpenSSL and further integration with Nmap/NSE; one of them may be able to look into this.
I looked at the code for a bit, felt like I was making progress locating the general problem area and then stepped in way over my head. After seeing the following code: ********************************************************************** service_scan.cc line 1814 static int scanThroughTunnel(nsock_pool nsp, nsock_iod nsi, ServiceGroup *SG, ServiceNFO *svc) { if (strncmp(svc->probe_matched, "ssl/", 4) == 0) { /* The service has been detected without having to make an SSL connection */ svc->tunnel = SERVICE_TUNNEL_SSL; svc->probe_matched += 4; return 0; ********************************************************************** I settled for changing the match line's service entry in nmap-service-probes to ssl/nessus so as to trigger this clause as a temporary work around. The up side is that it lets me work around the issue a service at a time.
Your recent testing and feedback for service fingerprinting has been most valuable so please keep up the good work!
Thanks much. I enjoy the work, it helps me professionally and it lets me give something in exchange for the excellent, free tool that I have used for years. Tom _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NSock error when scanning nessusd Tom Sellers (Jun 13)
- Re: NSock error when scanning nessusd Brandon Enright (Jun 13)
- Re: NSock error when scanning nessusd Tom Sellers (Jun 13)
- Re: NSock error when scanning nessusd Brandon Enright (Jun 13)