Nmap Development mailing list archives
Re: Nmap with Common Platform Enumeration
From: David Fifield <david () bamsoftware com>
Date: Fri, 5 Dec 2008 09:43:17 -0700
On Fri, Dec 05, 2008 at 01:19:01PM +0100, A. Ramos wrote:
As everybody knows, Nmap can be used to do a network infrastructure inventory, running it with OS and applications fingerprinting (-O, -sV), but the output from this is not compatible with other tools. What about using CPE (http://cpe.mitre.org/) to print the output from the results?
That is an interesting idea. I had to look at the specification (http://cpe.mitre.org/files/cpe-specification_2.1.pdf) to see what CPE looks like. It's a machine-readable way of naming operating systems, applications, and hardware. A CPE name for an operating system looks like cpe:/o:microsoft:windows_xp:::pro cpe:/o:redhat:enterprise_linux:4:update4 For an application it could be cpe:/a:apache:httpd:2.0.52 And they give an example for a piece of hardware: cpe:/h:cisco:router:3825 Nmap already has a machine-readable description of the OS in its Class Vendor | Name | Family | Device type lines. A script could likely transform these into CPE, though some information such as service pack numbers is only in the human-readable Fingerprint line. Can you give us examples of applications that use CPE? David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap with Common Platform Enumeration A. Ramos (Dec 05)
- Re: Nmap with Common Platform Enumeration David Fifield (Dec 05)
- Re: Nmap with Common Platform Enumeration A. Ramos (Dec 05)
- Re: Nmap with Common Platform Enumeration David Fifield (Dec 05)