Nmap Development mailing list archives
Re: Nmap Service Detection Proposal
From: Fyodor <fyodor () insecure org>
Date: Tue, 29 Aug 2000 10:34:47 -0700 (PDT)
On Tue, 29 Aug 2000, Paul Tod Rieger wrote:
a) "an open port will first be tested" -- does this mean a port may be tested multiple times?
Yesh, although in most cases the actual service will correspond to the registered port number, in which case only one connection will generally be needed.
Will this be stealthy?
Not really. People who need stealth probably won't use it. They can assume all the open ports carry the expected service. Also, you can always use an anonymous dialup or bounce the service detection through a series of open SOCKS proxies (note: nmap does not currently have code to do that for you).
Instead, if the service can't be identified from a single test, maybe it could just be flagged for closer inspection by the user.
Well, even a single test against each service may look pretty obvious in target logs. And I would like to have Nmap determine the service in unexpected cases (this is the main purpose). But perhaps there could be a --servicescan_limit option that does what you are proposing. I recently added an undocumented --osscan_limit option which skips OS detection if it is not likely to be useful (for example if no open ports are found). Cheers, -F --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- Nmap Service Detection Proposal Fyodor (Aug 27)
- RE: Nmap Service Detection Proposal Jay Freeman (saurik) (Aug 27)
- RE: Nmap Service Detection Proposal Fyodor (Aug 27)
- RE: Nmap Service Detection Proposal Jay Freeman (saurik) (Aug 27)
- RE: Nmap Service Detection Proposal Jay Freeman (saurik) (Aug 28)
- RE: Nmap Service Detection Proposal Fyodor (Aug 27)
- RE: Nmap Service Detection Proposal Jay Freeman (saurik) (Aug 27)
- <Possible follow-ups>
- Re: Nmap Service Detection Proposal Paul Tod Rieger (Aug 28)
- RE: Nmap Service Detection Proposal Jay Freeman (saurik) (Aug 29)
- Re: Nmap Service Detection Proposal Fyodor (Aug 29)
- Re: Nmap Service Detection Proposal H D Moore (Aug 29)
- Re: Nmap Service Detection Proposal Paul Tod Rieger (Aug 28)
- RE: Nmap Service Detection Proposal Jay Freeman (saurik) (Aug 29)
- RE: Nmap Service Detection Proposal Jay Freeman (saurik) (Aug 29)