Re: Banner Grabbing

[Bradley Kite <bradley () deathsgate demon co uk>]

Hi there Sean.

I am currently halfway through writing a patch that:

A: Logs direct to PostgreSQL database.
B: Captures banners on TCP connections (and logs to postgres too...)

I will post it to this list as soon as its complete.

--
Brad.

On Thu, Jun 27, 2002 at 05:43:09AM -0700, Sean Donner wrote:
> Mailing-List: contact nmap-dev-help () insecure org; run by ezmlm
> Precedence: bulk
> List-Post: <mailto:nmap-dev () insecure org>
> List-Help: <mailto:nmap-dev-help () insecure org>
> List-Unsubscribe: <mailto:nmap-dev-unsubscribe () insecure org>
> List-Subscribe: <mailto:nmap-dev-subscribe () insecure org>
> Delivered-To: mailing list nmap-dev () insecure org
> From: "Sean Donner" <seand () maximus homelinux net>
> To: <nmap-dev () insecure org>
> Subject: Banner Grabbing
> Date: Thu, 27 Jun 2002 05:43:09 -0700
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
>
> I think the one thing that this scanner is really missing is banner grabbing.  With this option implemented into 
> nmap, you could scan your network and see which services are giving up too much info, telnet is espeically guilty of 
> this. I would imagine that this option would not be too hard to implement, although it would require a full tcp 
> handshake and thus toss stealth scanning out the door with this on.  A good idea would to also send a "HEAD / 
> HTTP/1.0" command if a timeout occured while trying to grab a banner.  Im new to this mailing list, so im not sure if 
> this has been talked about before but I did not see it in any of the archives.  Feedback is much appreciated. Thanks

-- 
Software Developer/Data Management Specialist
Alchemetics Ltd, http://www.alchemetrics.co.uk
pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc

Attachment: _bin
Description: