Nmap Development mailing list archives
Is db2-discover.nse redundant?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 3 Sep 2014 11:22:13 -0500
List, I was doing some NSE updates and I realized that db2-discover could probably be turned into a service probe and match. Then I realized there was already one there! So can/should we remove db2-discover? Here is the info from nmap-service-probes: # Following probe created by Patrik Karlsson: ##############################NEXT PROBE############################## Probe UDP ibm-db2-das-udp q|DB2GETADDR\0SQL08010\0| rarity 8 ports 523 match ibm-db2 m|^DB2RETADDR\0SQL0(\d)(\d\d)(\d+)\0([^\0]+)\0|s p/IBM DB2 Database Server/ v/$1.$2.$3/ i/Hostname: $4/ The only differences I can see are: 1. The script's probe is "DB2GETADDR\0SQL09010\0", which looks like just a client version difference. 2. The script tries to handle versions that don't begin with "SQL0", but the string match that comes before version parsing negates the effort, so I don't think this is a big difference. I think the reason this script exists is that it used to also contain broadcast discovery functions that got moved to broadcast-db2-discover.nse Dan _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Is db2-discover.nse redundant? Daniel Miller (Sep 03)
- Re: Is db2-discover.nse redundant? Fyodor (Sep 17)