Nmap Development mailing list archives
Re: Service fingerprinting submissions
From: doug () hcsw org
Date: Sat, 19 Apr 2008 12:16:19 -0700
Hi Tavaris,
Brandon is correct: The fingerprints are submitted to the Nmap project
with the expectation that they will not be made public. You are correct
that %90+ of the FPs don't contain sensitive data, there are many
services that will echo the IP of the scanner or the host name of
the target device etc. and these would need to be removed manually.
Honestly, your two best bets are:
* Try to use the nmap-service-probes DB. In general a match line in
this file has almost all the important information about the
submission embedded in it.
* If you have a *simple* perl script or other stats gathering
program you could send it to the list and maybe somebody from
the Nmap project will find the time to run it on the data.
They are stored in mbox format.
Best,
Doug
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Service fingerprinting submissions Thomas Tavaris J (Tavaris) (Apr 18)
- Re: Service fingerprinting submissions Brandon Enright (Apr 18)
- RE: Service fingerprinting submissions Thomas Tavaris J (Tavaris) (Apr 18)
- Re: Service fingerprinting submissions doug (Apr 19)
- services on 64 bit machines swapna prasad (Apr 20)
- Re: services on 64 bit machines doug (Apr 21)
- RE: Service fingerprinting submissions Thomas Tavaris J (Tavaris) (Apr 18)
- Re: Service fingerprinting submissions Brandon Enright (Apr 18)
- <Possible follow-ups>
- Re: Service fingerprinting submissions Gutek (Apr 19)