Nmap Development mailing list archives

Re: nmap+V


From: "Jay Freeman (saurik)" <saurik () saurik com>
Date: Sun, 31 Aug 2003 17:10:28 -0500

Jamie:

Nmap+V's older versions were able to do this by doing a -sT. It would then
reuse the existing connection from the connect() scan so as to only use the
single connection. I removed this in a recent version (like within the last
month) of nmap+V so I could maintain a smaller patch against Fyodor's base
nmap distribution (as this required making some changes to the addport()
call or something like that that all of the scans used).

I could probably make it so that a -sV that doesn't have any open ports
available performs the open analysis as well. I will make that change
tomorrow, will probably be about 4 lines of code :).

Sincerely,
Jay Freeman (saurik)
saurik () saurik com

----- Original Message -----
From: "Jamie" <aouf77 () dsl pipex com>
To: "Fyodor" <fyodor () insecure org>
Cc: <nmap-dev () insecure org>
Sent: Sunday, August 31, 2003 4:37 PM
Subject: Re: nmap+V


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 31 August 2003 22:10, Fyodor wrote:
> On Sun, Aug 31, 2003 at 09:17:47PM +0100, testic wrote:
> > What is this +V thing anyway? I tried to compile it under Linux but
> > it stuck
>
> It is an unofficial patch that Saurik has made to Nmap to try and
> derive some service and version identification information from the
> ports that are scanned.  Another (also partially nmap-derived) program
> that does this is Amap ( http://www.thc.org/releases.php ).  I believe
> that this is a very useful feature that belongs in core Nmap.  So I
> have written an alternative implementation that I hope to release in
> the next week or so.

Ah cool. Feature request - be able to do banner grab without doing syn scan
first to see if open since if you're going to send a syn and then banner
grab you might as well banner grab in the first place - from memory think
this is a problem with nmap+V.

Cheers,

- -jamie.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE/Umq40oWsN6bx+R0RAlWJAJ9bkAq00qscDNb3ijevjfDubTy9CwCfUoqX
tEd9mSe6RleM/4QtanBtVPY=
=emm6
-----END PGP SIGNATURE-----

