Re: [PATCH] Always list SSL in case any SSL connection succeeded

[Kristof Boeynaems <kristof.boeynaems () gmail com>]

Kristof Boeynaems wrote:
> David Fifield wrote:
> <snip>
> > One more thing: In the test you described, the output should be
> > "ssl/unknown?", not "ssl/unknown". Leaving off the question mark makes
> > it look as if the port was positively identified. It's confusing in this
> > case because the port is named "unknown", but that name comes from the
> > nmap-services file. If you repeat the s_server experiment with port 80
> > you'll see what I mean. The output should be "ssl/http?", not "ssl/http"
> > or "http?".
> >   
>
> Good point. I'll look into that once we have agreed on where we should 
> make the change :)

Mmm, I had a look, and it seems that the behavior is slightly different 
than you describe. Did you really get those results after applying the 
patch? I am unable to reproduce those.

I believe that with the patch, the test case above will always return 
"ssl/unknown", no matter the port.
It will always default to line 476 in output.cc, thus adding "unknown" 
to the "ssl/" string set earlier.

Nevertheless, if you prefer "ssl/unknown?" for these cases, we can 
probably change it there.

However, while "ssl/http" would indeed not be acceptable, I think 
"ssl/unknown" is better than "ssl/unknown?", as we are sure that there 
is "something" behind ssl (and we are sure that we don't know what ;)).
I am afraid that displaying "ssl/unknown?" might give the impression 
that even the "ssl/" part is doubtful.

What do you think?

Thanks,

Kristof

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org