Nmap Development mailing list archives

Re: Possible new device categories for service detection


From: Fyodor <fyodor () insecure org>
Date: Wed, 11 Feb 2009 00:08:16 -0800

On Wed, Feb 11, 2009 at 02:20:59AM +0000, doug () hcsw org wrote:
Hi Fyodor,

On Sun, Feb 08, 2009 at 02:52:24PM -0800 or thereabouts, Fyodor wrote:
On Sun, Feb 08, 2009 at 10:41:19PM +0000, doug () hcsw org wrote:

Like Fyodor suggested I will write up a short description of each
of the categories and then we can revise them and make an official list.

Great!  I think this discussion demonstrates the need.

I re-read your earlier message and noticed these modifications:

o Put 'projector' into 'media device'
o Change 'broadband modem' to 'broadband router'

Do you want me to revise my device type list and add it to the
docs somewhere?

Hm, I didn't realize that nmap-service-probes had projectors too.
Maybe it is worth having its own category.  Or perhaps what would be
best is splitting up 'media device' into something like 'media
display' (so we could combine TVs, projectors, etc.) and then maybe
leave 'media device' or have a new name for things like DVRs and other
media boxes which control displays.  I'm not sure if this is worth
doing or not.  You're right that there are projectors in
'specialized'.  We should, at the very minimum, canonicalize it so
they are all in the same category, whichever one that is.

Maybe the best place for now is just to check the list into
nmap/docs/(whatevername).  Then it can be a sort of poor hacker's wiki
and we can all edit it as desired.  Then when that editing is done, we
can put it into os-detection.xml.

Hm. You said you think it should go in the
OS detection chapter but I guess it's equally applicable to
service detection. Maybe some section common to both chapters?

I like the idea of putting it into os-detection.xml, but referencing
it from the version detection chapter too.  The d// stuff in
nmap-service-probes is sort of a "hack" to allow version detection to
encroach on OS detection's turf.  But to do so in a way that adds
extra value that you don't get with plain TCP/IP fingerprinting OS
detection.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

