Re: Possible new device categories for service detection

[Fyodor <fyodor () insecure org>]

On Sun, Feb 08, 2009 at 10:41:19PM +0000, doug () hcsw org wrote:
> On Sun, Feb 08, 2009 at 03:33:45PM -0700 or thereabouts, David Fifield wrote:
> > On Sun, Feb 08, 2009 at 01:17:34PM -0800, Fyodor wrote:
> > > o Change 'broadband modem' to 'broadband router' (some of the other 99
> > >   in that category may technically be "modems" too).
> >
> > When I add new fingerprints I try to use the category "broadband router"
> > only if the device connects directly to the broadband service; i.e., it
> > speaks ADSL or has a cable jack in back. A lot of devices sold as
> > broadband routers are really just ordinary router/NAT devices that still
> > need to plug in to one of the aforementioned devices; for those I use
> > "router". But I am sure a lot of older prints don't follow this rule
> > strictly.
>
> Interesting. I haven't been making that distinction in the service
> probes file. I have been considering any consumer router/NAT device
> designed for cable or DSL to be "broadband router" unless it has
> wireless capabilities, then it is a WAP.

Yeah, that is generally what I've done too.  Though admittedly there
is a hard-to-define gray area between this sort of consumer "broadband
router" and traditional routers.

> Like Fyodor suggested I will write up a short description of each
> of the categories and then we can revise them and make an official list.

Great!  I think this discussion demonstrates the need.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org