Re: help (Windows 2008 service probe)

[viswanath emani <viswanath.emani () gmail com>]

Hello David,

Thanks a lot for your reply. The problem is that there is no match available
for Windows 2008 X64 and all those machines are being identified as Windows
2008. I will try to get the signature for Windows 2008 X64. Thanks a lot for
your help.

Regards,
Viswanath.

On Mon, Sep 20, 2010 at 11:11 AM, David Fifield <david () bamsoftware com>wrote:

> On Tue, Sep 14, 2010 at 03:27:53PM +0530, viswanath emani wrote:
> > Hi,
> >
> > This is Viswanath Emani. I am using NMAP services for OS Resolution. I
> > currently require probe for Windows 2008 X64 platform. I have the probe
> for
> > Windows 2008 platform, please see below
> >
> > ^\0\0\0.\xffSMBr\0\0\0\0\x88\x01@\0\0\0\0\0\0\0\0\0\0\0\0\0\0@
> \x06\0\0\x01\0\x11\x07\0.2\0\x01\0\x04A\0\0\0\0\x01\0\0\0\0\0\xfd\xe3\x01\0
> > -->
> >                          name="microsoft-ds-WINDOWS2008"
> >
> > Could you please help me in getting a similar kind of probe for Windows
> 2008
> > X64. Appreciate your help.
>
> Is the problem that there is no match for Windows 2008 x64, or is the
> problem that it is wrongly identified as something else?
>
> We have a match line for SMBProgNeg that mentions Windows 2008, but it's
> not the same as what you posted above:
>
> match microsoft-ds m|^\0\0\0.\xffSMBr\0\0\0\0\x88\x01@
> \0\0\0\0\0\0\0\0\0\0\0\0\0\0@\x06\0\0\x01\0\x11\x07\0.2\0\x01\0\x04.\0\0\0\0\x01\0\0\0\0\0\xfd\xf3\x01\0|s
> p/Microsoft Windows 2003 or 2008 microsoft-ds/ o/Windows/
>
> If you got a signature from scanning Windows 2008 x64, please submit it
> at http://nmap.org/submit/.
>
> David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/