Nmap Development mailing list archives
Re: Scanning Printers
From: Hari Sekhon <hpsekhon () googlemail com>
Date: Wed, 27 Sep 2006 11:40:55 +0100
Thanks Doug, I realised this must be changeable after emailing Fyodor and poked around myself last night, found the line with exclude for 9100 and changed it to the following: Exclude T:9100-9107 This worked for me. I've tested with the old Exclude T:9100 and loads of junk gets printed 7 ports (other than 9100) x the headers sent = lots of wasted paper ! But after changing the line to "Exclude T:9100-9107" in the nmap-service-probes file my printers haven't printed anything from the probes since service detection headers don't get sent to the JetDirect ports now. Would it be possible to change this in the next release of Nmap so it's the default? Who should I speak to about that? Thanks -h -- Hari Sekhon doug () hcsw org wrote:
Hi Hari! Good question and as Fyodor pointed out in a previous post, the ports excluded from version scans are specified by the Exclude directive in the nmap-service-probes file as described here: http://insecure.org/nmap/vscan/vscan-fileformat.html The current version http://insecure.org/nmap/data/nmap-service-probes has the following line: Exclude T:9100 so Nmap only excludes TCP port 9100. When I added this feature I didn't know that some printers also do this on ports 9101-9107! I guess we need to decide whether to add these ports to the default Exclude directive or not. As you realise, the entire practice of skipping version detection on certain ports opens up a small hole. Hiding daemons on these ports potentially becomes somewhat easier - except obviously not against intelligent users like yourself who understand this. :) I don't know of any other common uses for these ports and see no reason to not add them to the default Exclude directive. Anyone? Best, Doug
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Scanning Printers Hari Sekhon (Sep 26)
- Re: Scanning Printers Fyodor (Sep 26)
- Re: Scanning Printers Hari Sekhon (Sep 26)
- Re: Scanning Printers doug (Sep 26)
- Re: Scanning Printers Hari Sekhon (Sep 27)
- Re: Scanning Printers Fyodor (Sep 28)
- Re: Scanning Printers Hari Sekhon (Sep 26)
- Re: Scanning Printers Fyodor (Sep 26)