Nmap Development mailing list archives

RE: Nmap 3.90 and JetDirects


From: "Crenshaw, Adrian D" <adrian () ius edu>
Date: Thu, 8 Sep 2005 17:21:04 -0500


Thanks for the information Fyodor. I should have RTFCL. 

Adrian

-----Original Message-----
From:   Fyodor [mailto:fyodor () insecure org]
Sent:   Thu 9/8/2005 5:10 PM
To:     Crenshaw, Adrian D
Cc:     nmap-dev () insecure org
Subject:        Re: Nmap 3.90 and JetDirects

On Thu, Sep 08, 2005 at 05:04:33PM -0500, Crenshaw, Adrian D wrote:
I’m writing an article on hacking network printers and this topic came up. One problem with Nmap scanning port 9100 
with version detection turned on is you get garbage print jobs with text like:

GET / HTTP/1.0
OPTIONS / HTTP/1.0
OPTIONS / RTSP/1.0

That corresponds to the probes Nmap is sending to try and tell what
service is running on that port. Or at least you used to, a friend said
he tested with 3.90 and that no longer happens, at least on his
JetDirect. Was something changed with 3.90 to fix the JetDirect port
9100 problems? 

Yes, by default Nmap no longer service scans 9100:

o Added "Exclude" directive to nmap-service-probes grammar which
  causes version detection to skip listed ports.  This is helpful for
  ports such as 9100.  Some printers simply print any data sent to
  that port, leading to pages of HTTP requests, SMB queries, X Windows
  probes, etc.  If you really want to scan all ports, specify
  --allports.  This patch came from Doug Hoyte (doug(a)hcsw.org).

[ http://www.insecure.org/nmap/nmap_changelog.html ]

With such a big changelog for this release, you can be forgiven for
missing it :).  I'm looking forward to your paper on hacking network
printers.

Cheers,
-F




_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
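
Added example (not part of the original messages and not Nmap's own code): a minimal Python reader for the "Exclude" directive quoted from the changelog above, reporting which ports version detection would skip and how --allports overrides that. The sample probes text is constructed, and the parsing rules (comma lists, lo-hi ranges, T:/U: prefixes as in -p, a bare port applying to both protocols) are assumptions about the directive's port syntax.

```python
import re

# Constructed excerpt in nmap-service-probes style (not copied from a release).
SAMPLE_PROBES = """\
# Lines starting with '#' are comments.
Exclude T:9100,U:30000-30010
Probe TCP NULL q||
match ftp m/^220 / p/generic ftpd/
"""


def parse_exclude(probes_text):
    """Return {'T': [(lo, hi), ...], 'U': [...]} built from Exclude lines."""
    excluded = {"T": [], "U": []}
    for line in probes_text.splitlines():
        m = re.match(r"Exclude\s+(\S+)\s*$", line)
        if not m:
            continue  # comments, Probe/match lines, blanks
        protos = ["T", "U"]  # assumption: a bare port covers TCP and UDP
        for item in m.group(1).split(","):
            if item[:2] in ("T:", "U:"):
                # assumption: a prefix stays in force until the next prefix
                protos, item = [item[0]], item[2:]
            if not item:
                continue
            lo, _, hi = item.partition("-")
            port_range = (int(lo), int(hi or lo))
            for proto in protos:
                excluded[proto].append(port_range)
    return excluded


def version_scan_skipped(excluded, proto, port, allports=False):
    """True if version detection would leave this port alone."""
    if allports:  # --allports disables the Exclude list
        return False
    return any(lo <= port <= hi for lo, hi in excluded[proto])


if __name__ == "__main__":
    ex = parse_exclude(SAMPLE_PROBES)
    for proto, port in (("T", 9100), ("T", 80), ("U", 30005)):
        state = "skipped" if version_scan_skipped(ex, proto, port) else "probed"
        print(f"{proto}:{port} {state}")
```

Running the same check against the nmap-service-probes file of the installed Nmap shows whether raw-print ports on a printer subnet are protected before a version scan is launched.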

