Nmap Development mailing list archives
Re: Nmap service detection, http 1.1
From: doug () hcsw org
Date: Mon, 24 Nov 2008 16:29:07 -0800
On Mon, Nov 24, 2008 at 05:47:50PM +0100 or thereabouts, Jak0b wrote:
The service detection later fails. And my question is of course, does nmap support http 1.1? And if so, does it support it correctly or is it just this particular server that doesn't follow common standards?
No, service detection doesn't support HTTP/1.1. The HTTP-related probes use HTTP/1.0. This is unfortunate because of servers like yours that don't fall-back to 1.0 gracefully (ie give enough information to identify the server). The biggest problem with 1.1 support is that -sV doesn't usually know what to send in the Host: header field (which is required for 1.1). In theory it could use a reverse DNS lookup or any domain names provided by the user on the Nmap command line. But such results would be spotty at best and could generate confusing and unreliable fingerprints. Also, -sV doesn't parse chunked encoding which is required for HTTP/1.1 support. -sV never persists or pipelines HTTP connections. Now-a-days, I think that most of this stuff should probably be handled in NSE, not -sV. Hope this helps, Doug
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap service detection, http 1.1 Jak0b (Nov 24)
- Re: Nmap service detection, http 1.1 doug (Nov 24)