Nmap Development mailing list archives
Re: Should nmap.set_port_version support name_confidence?
From: David Fifield <david () bamsoftware com>
Date: Thu, 20 Nov 2008 11:03:25 -0700
On Fri, Oct 24, 2008 at 11:03:27PM -0500, Kris Katterjohn wrote:
On 10/24/2008 07:54 PM, Brandon Enright wrote:On Fri, 24 Oct 2008 18:47:13 -0600 David Fifield <david () bamsoftware com> wrote:However, the setting of confidence and fingerprint appears to have no effect. l_set_port_version in nse_nmaplib.cc doesn't read either of these fields. (It has old code to read fingerprint, but it's commented out.) Later in the function Port::setServiceProbeResults is called with a fingerprint of NULL, which is the same as if the fingerprint field had been nil, so that line has no effect.The line setting confidence doesn't work, for one thing, because Nmap calls that field name_confidence. http://nmap.org/book/nse-api.html#scripting-tbl-port-version-values But l_set_port_version doesn't look at name_confidence either.Should it? Is its omission just an oversight? Does anything weird happen if a service is hardmatched with a confidence of 0 (in XML output or something)?Hmm, I don't even remember where I found the port.version.confidence and port.version.fingerprint options. I probably looked at another script or some of our original NSE docs. ...fingerprint = nil should probably be deleted and the field always set to NULL like you describe. I rarely look at the confidence in XML but since we have it, scripts should be able to set it.I think that if it's not too much trouble, support for setting both the fingerprint and confidence should be there, even though I too rarely pay much attention to confidence.
I looked at this more closely and it appears that name_confidence is always set implictly based on the probestate. See Port::getServiceDeductions in portlist.cc. If it's hardmatched or softmatched then the confidence is set to 10. name_confidence is acting like a function whose value is derived from the other service detection values. So I'm leaving it alone. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Should nmap.set_port_version support name_confidence? David Fifield (Oct 24)
- Re: Should nmap.set_port_version support name_confidence? Brandon Enright (Oct 24)
- Re: Should nmap.set_port_version support name_confidence? Kris Katterjohn (Oct 24)
- Re: Should nmap.set_port_version support name_confidence? Brandon Enright (Oct 24)
- Re: Should nmap.set_port_version support name_confidence? Kris Katterjohn (Oct 24)
- Re: Should nmap.set_port_version support name_confidence? David Fifield (Oct 25)
- Re: Should nmap.set_port_version support name_confidence? Kris Katterjohn (Oct 24)
- Re: Should nmap.set_port_version support name_confidence? David Fifield (Nov 20)
- Re: Should nmap.set_port_version support name_confidence? Brandon Enright (Oct 24)