Re: Should nmap.set_port_version support name_confidence?

[Kris Katterjohn <katterjohn () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/24/2008 07:54 PM, Brandon Enright wrote:
> On Fri, 24 Oct 2008 18:47:13 -0600
> David Fifield <david () bamsoftware com> wrote:
> > However, the setting of confidence and fingerprint appears to have no
> > effect. l_set_port_version in nse_nmaplib.cc doesn't read either of
> > these fields. (It has old code to read fingerprint, but it's commented
> > out.) Later in the function Port::setServiceProbeResults is called
> > with a fingerprint of NULL, which is the same as if the fingerprint
> > field had been nil, so that line has no effect.
>
> > The line setting confidence doesn't work, for one thing, because Nmap
> > calls that field name_confidence.
> > http://nmap.org/book/nse-api.html#scripting-tbl-port-version-values
> > But l_set_port_version doesn't look at name_confidence either.
>
> > Should it? Is its omission just an oversight? Does anything weird
> > happen if a service is hardmatched with a confidence of 0 (in XML
> > output or something)?
>
> > David Fifield
>
>
> Hmm, I don't even remember where I found the port.version.confidence
> and port.version.fingerprint options.  I probably looked at another
> script or some of our original NSE docs.
>
> ...fingerprint = nil should probably be deleted and the field always
> set to NULL like you describe.  I rarely look at the confidence in XML
> but since we have it, scripts should be able to set it.

I think that if it's not too much trouble, support for setting both the
fingerprint and confidence should be there, even though I too rarely pay much
attention to confidence.

And as Brandon mentioned for the confidence, I think that if some bit of
information is made available then a script should (within reason) be able to
set it.  Who knows what in-depth scripts could be written a couple of years
from now which can utilize things like the fingerprint.

> Brandon

Thanks,
Kris Katterjohn

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSQKajf9K37xXYl36AQL9Pw/8DcIz3N0v51bn5c4GETcCJq4nT6JExZK1
SFDe7dGIO1YMemoxpqME8Cmz0UW7rjdOVb0kfI0OLfYdgzyrOYkFNMdhbYdXlIMK
1XykW/3J9aV2TOg5oFCt6yUjrMlflmJwBa1wd+nsRztLC2ut8YKjI2M1eGQg8/sY
GT6l6+95RtF1Dkoe259h0zovmhenfiiLAm96hthXLdV+bhbhq/63bOmWrrqhlG1v
Gpu7qYO5nM3Qs/dv43HKP53ZtC3aMrqJQDUyvZU4t3DcnuEevGcO+vTRxm64pPus
xG05HREnSiJCdutak4wBtc8inkQXTOqhsJrDIkB7OsTu8M5/Bt8heoNfYx7odKCQ
VK7EOS509xjIi/QinCxIgO0puPPkWSD3TSxnYM/5dTo6cpydljuKxjKn+lrpGZHh
qupcwNWDfepOMm7UPWt97LpRfn5msPVQ9lrYb4PN5HShoXHgJpXqxPiPlebThzxN
umjFSTLP3+Oa+CezN/+4Pppq7jrpT/Y1SS1VicpsYGMQY74A4Swusseg+XFub0f1
byaIdM//hJgmxwV4AnyWdYKTkha0HbHeZrfUpuJAtwg8j/9GNym5dsxPRXEBUV/k
P+jKNUld8TGhF+val/IbhTBUAYQ6rwzkNfqlH931Y1noxoRJ1ID3za2Ihio/KTcg
ID4xmeDLyV4=
=iup7
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org