Nmap Development mailing list archives

Re: [PATCH] Always list SSL in case any SSL connection succeeded


From: David Fifield <david () bamsoftware com>
Date: Tue, 3 Mar 2009 12:11:44 -0700

On Mon, Mar 02, 2009 at 09:57:42PM -0800, Fyodor wrote:
> On Mon, Mar 02, 2009 at 02:19:51PM -0700, David Fifield wrote:
> > On Mon, Mar 02, 2009 at 01:04:28PM -0800, Fyodor wrote:
> > I guess a name of "unknown" in nmap-services is there just because it's
> > syntactically required, and shouldn't be taken as the supposed name of
> > the service. Then we should add a new condition: if the service is named
> > "unknown" in nmap-services, treat it as if it were not in nmap-services.
> > However it works, SSL-tunneled ports should work the same way.
>
> I agree with this.  I'll add an item to docs/TODO now.

This is done now. Here's a comparison of old and new output. The old
output is before r12396, and the new output is with r12396 and r12397.
r12396 is the patch from http://seclists.org/nmap-dev/2009/q1/0582.html
that keeps the "ssl/" prefix, and r12397 treats a port named "unknown"
as if it had no name.

Ports 80, 4430, and 4431 had a listening Ncat, and 443, 4433, and 4434
had a listening openssl s_server. Ports 4430 and 4433 have the name
"unknown" in nmap-services, and 4431 and 4434 are not listed. Port 80 is
"http" and port 443 is "https" in nmap-services.

Old output:

$ nmap localhost -sV -p 80,443,4430,4431,4433,4434
PORT     STATE SERVICE  VERSION
80/tcp   open  http?
443/tcp  open  https?
4430/tcp open  unknown?
4431/tcp open  unknown
4433/tcp open  unknown?
4434/tcp open  unknown

New output:

$ nmap localhost -sV -p 80,443,4430,4431,4433,4434
PORT     STATE SERVICE     VERSION
80/tcp   open  http?
443/tcp  open  ssl/https?
4430/tcp open  unknown
4431/tcp open  unknown
4433/tcp open  ssl/unknown
4434/tcp open  ssl/unknown

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
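
The two rules discussed in the message above, modelled as an added example that is not part of the original post and is not Nmap source code. The function and parameter names are hypothetical; the port table and the expected SERVICE values are taken from the message.

```python
# Added illustration: a model of the SERVICE column rules described in the
# message above. It is not Nmap source code; function and parameter names
# are hypothetical.

# nmap-services names for the test ports, as stated in the message.
# 4431 and 4434 are absent because they are not listed in nmap-services.
SERVICES_TABLE = {80: "http", 443: "https", 4430: "unknown", 4433: "unknown"}

# Ports where the message says an openssl s_server was listening, so the
# SSL connection succeeded even though no service probe matched.
SSL_PORTS = {443, 4433, 4434}


def table_name(port, treat_unknown_as_unlisted):
    """Return the nmap-services name, or None if the port has no usable name."""
    name = SERVICES_TABLE.get(port)
    if treat_unknown_as_unlisted and name == "unknown":
        return None  # r12397: "unknown" is a syntactic placeholder, not a name
    return name


def service_column(port, keep_ssl_prefix, treat_unknown_as_unlisted):
    """SERVICE column for an open port whose version probes found no match."""
    name = table_name(port, treat_unknown_as_unlisted)
    # A trailing "?" marks a name taken from the table rather than detected.
    label = name + "?" if name is not None else "unknown"
    if keep_ssl_prefix and port in SSL_PORTS:
        label = "ssl/" + label  # r12396: keep the tunnel even without a match
    return label


def scan(ports, **rules):
    """Map each port to its SERVICE column under the given rule set."""
    return {p: service_column(p, **rules) for p in ports}


PORTS = [80, 443, 4430, 4431, 4433, 4434]
OLD = scan(PORTS, keep_ssl_prefix=False, treat_unknown_as_unlisted=False)
NEW = scan(PORTS, keep_ssl_prefix=True, treat_unknown_as_unlisted=True)

if __name__ == "__main__":
    for p in PORTS:
        print(f"{p}/tcp".ljust(9) + "open  " + OLD[p].ljust(10) + "-> " + NEW[p])
```

For anyone reviewing scan results, the point is that the old output hid a successful SSL handshake on 443, 4433 and 4434, while the new output keeps the "ssl/" prefix even when the inner service is unidentified.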

