Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Mainframe Service Probes (JMON and RSED)

From: Phil Young <mainframed767 () gmail com>
Date: Thu, 6 Oct 2016 10:00:15 -0700
I've been digging around with some of the open ports on a mainframe and
have some new service probes to add to nmap. These services don't send any
data until you send something to them.



##############################NEXT PROBE##############################
# RSE for IBM Explorer for z/OS (FMID HALG300)
Probe TCP RSE q|ZmFrZTpmYWtl0\x00\x30\x00|
rarity 9
ports 4035
sslports 4035

match rse m|^\xa2\x85\x99\xa5\x85\x99@| p/IBM Explorer for zOS (FMID
HALG300)/

##############################NEXT PROBE##############################
# JMON for z/OS (FMID HALG300)
Probe TCP JMON q|CONNECT01 v09\n|
rarity 9
ports 6715
sslports 6715

match jmon m|^ACKNOWLEDGE| p/JMON for zOS (FMID HALG300)/


Testing system output:
$ nmap -p 4035,6715 1.1.1.2 -n -Pn -sV

Starting Nmap 7.25SVN ( https://nmap.org ) at 2016-10-06 09:53 PDT
Nmap scan report for 1.1.1.2
Host is up (0.94s latency).
PORT     STATE SERVICE VERSION
4035/tcp open  rse     IBM Explorer for zOS (FMID HALG300)
6715/tcp open  jmon    JMON for zOS (FMID HALG300)

Service detection performed. Please report any incorrect results at
https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.53 seconds

-- 
Soldier of Fortran
@mainframed767

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: