Nmap Development mailing list archives
Re: More Service Detection notes: HTTP, FTP, DNS, etc
From: Fyodor <fyodor () insecure org>
Date: Mon, 8 May 2006 23:19:57 -0700
On Mon, May 08, 2006 at 11:12:52PM -0700, doug () hcsw org wrote:
Here are some more notes on this last batch of fingerprints: http://hcsw.org/blog.pl?a=13&b=16
I'm still reading :). You note:
I finally made the difficult decision to re-include apt-proxy into the probes file. This is, unfortunatley, too general of a match line and results in a few (I hope) extremely rare mis-identifications. The sheer number of independant submissions (20+) convinced me! # This one can cause false results! match http m|^HTTP/1\.0 404 Not Found\r\nConnection: close\r\n\r\n$| p/apt-proxy httpd/
Does any one here know what sort of request apt-proxy expects? If there is a path which always exists there, we could add a special high-rarity probe for it near the end of the file. If someone wants to sniff a session against such a server, we may be able to do the rest. I share Doug's worry that this line will prove to be too general. But you never know! Maybe it really is unique to apt-proxy. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- More Service Detection notes: HTTP, FTP, DNS, etc doug (May 08)
- Re: More Service Detection notes: HTTP, FTP, DNS, etc Fyodor (May 08)
- Re: More Service Detection notes: HTTP, FTP, DNS, etc Fyodor (May 19)
- Re: More Service Detection notes: HTTP, FTP, DNS, etc doug (May 19)
- Re: More Service Detection notes: HTTP, FTP, DNS, etc Fyodor (May 19)
- Re: More Service Detection notes: HTTP, FTP, DNS, etc Fyodor (May 19)
- Re: More Service Detection notes: HTTP, FTP, DNS, etc Fyodor (May 08)
- Re: More Service Detection notes: HTTP, FTP, DNS, etc Fyodor (May 08)