Educause Security Discussion mailing list archives

Re: IRC, IM Proxy Implementations


From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Wed, 8 Sep 2004 14:00:01 -0400


On Sep 8, 2004, at 1:41 PM, Gary Flynn wrote:
> Mark Wilson wrote:
>> I assume you mean lower case v (-v). Anyway, here it is:
>> [root@willma root]# nmap -v -p 1-65535 131.204.x.x
>
> Nope. Upper case V. In nmap 3.5 and later, the -V option

Nope. You really mean and want "-sV" (dash, little ess, big Vee) as the flag
(and in fact is what I presume you used for the example in your message).

From http://www.insecure.org/nmap/data/nmap_manpage.html :

-sV    Version detection: After TCP and/or UDP ports are discovered
using one of the other scan methods, version detection communicates
with those ports to try and determine more about what is
actually running. A file called nmap-service-probes is used to
determine the best probes for detecting various services and the
match strings to expect. Nmap tries to determine the service
protocol (e.g. ftp, ssh, telnet, http), the application name
(e.g. ISC Bind, Apache httpd, Solaris telnetd), the version number,
and sometimes miscellaneous details like whether an X
server is open to connections or the SSH protocol version). If
Nmap was compiled with OpenSSL support, it will connect to SSL
servers to deduce the service listening behind the encryption.
When RPC services are discovered, the Nmap RPC grinder is used
to determine the RPC program and version numbers. Some UDP
ports are left in the "open|filtered" state after a UDP scan is
unable to determine whether the port is open or filtered. Version
detection will try to elicit a response from these ports
(just as it does with open ports), and change the state to open
if it succeeds. Note that the Nmap -A option also enables this
feature. For a much more detailed description of Nmap service
detection, read our paper at http://www.insecure.org/nmap/versionscan.html .
There is a related --version_trace option which
causes Nmap to print out extensive debugging info about what
version scanning is doing (this is a subset of what you would
get with --packet_trace).

- H. Morrow Long, CISSP, CISM
University Information Security Officer
Director -- Information Security Office
Yale University, ITS
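
The match-string step described in the man page excerpt above, as an added example that is not part of the original message and not Nmap's own code: a small Python reader for `match` lines in the nmap-service-probes syntax (the p/ v/ i/ field form used by current Nmap releases), applied to service banners. The match lines, banners and function names are constructed for illustration.

```python
import re

# Constructed match lines in nmap-service-probes "match" syntax:
#   match <service> m<delim><regex><delim>[flags] p/<product>/ v/<version>/ i/<info>/
# Illustrative only; not copied from the file that Nmap ships.
SAMPLE_PROBES = r"""
match ssh m|^SSH-([\d.]+)-OpenSSH_([\w.]+)| p/OpenSSH/ v/$2/ i/protocol $1/
match ftp m|^220 ([-\w.]+) FTP server \(Version ([\d.]+)\) ready| p/Example ftpd/ v/$2/ i/host $1/
match smtp m|^220 \S+ ESMTP Postfix|i p/Postfix smtpd/
"""

FIELD_RE = re.compile(r"\b([pvi])/([^/]*)/")

def parse_match_line(line):
    """Parse one match directive into (service, compiled regex, field templates)."""
    _, service, rest = line.split(None, 2)
    if not rest.startswith("m") or len(rest) < 3:
        raise ValueError("expected m<delim>regex<delim>: " + line)
    delim = rest[1]                      # the delimiter is whatever follows 'm'
    end = rest.index(delim, 2)           # closing delimiter of the regex
    pattern, tail = rest[2:end], rest[end + 1:]
    # Optional flags (i = ignore case, s = dot matches newline) follow the delimiter.
    flag_text = tail.split(None, 1)[0] if tail and not tail[0].isspace() else ""
    flags = (re.I if "i" in flag_text else 0) | (re.S if "s" in flag_text else 0)
    fields = dict(FIELD_RE.findall(tail[len(flag_text):]))
    return service, re.compile(pattern, flags), fields

def load_rules(text):
    """Parse every match line in a probes-style text block, in file order."""
    return [parse_match_line(l) for l in text.splitlines() if l.startswith("match ")]

def fill(template, m):
    """Substitute $1..$9 in a field template with the regex capture groups."""
    return re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))) or "", template)

def identify(banner, rules):
    """Return service plus filled-in fields for the first matching rule, else None."""
    for service, regex, fields in rules:
        m = regex.search(banner)
        if m:
            return {"service": service, **{k: fill(v, m) for k, v in fields.items()}}
    return None

if __name__ == "__main__":
    rules = load_rules(SAMPLE_PROBES)
    for banner in ("SSH-2.0-OpenSSH_3.9p1\r\n", "HTTP/1.0 200 OK\r\n"):  # constructed
        print(repr(banner), "->", identify(banner, rules))
```

A banner that matches no rule returns `None`, which corresponds to a port whose service the scan could not name.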
