Nmap Development mailing list archives

Re: UDP payloads

From: Tom Sellers <nmap () fadedcode net>
Date: Fri, 03 Jul 2009 21:24:51 -0500

David Fifield wrote:

....
I have in a branch code that sends protocol payloads for ports 53, 123,
137, 161, and 1434.
        svn co --username guest --password "" svn://svn.insecure.org/nmap-exp/david/nmap-payloads
The payloads are taken from nmap-service-probes. They are:



>...


I'm not an expert at any of the protocols above. So my question is, are
any of these probes too intrusive to be sent by default with every ping
or port scan probe? I'd like a yes/no for each of them before merging
the branch. For a couple of these we have options: port 53 also has
DNSVersionBindReq and port 161 also has SNMPv1public.


The SNMPv3GetRequest is safe, but I would expect that the SNMPv1public probe would
be much more likely to elicit some result given the broad deployment of SNMPv1 vs
SNMPv3.

Tom


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

UDP payloads David Fifield (Jul 03)
- Re: UDP payloads Tom Sellers (Jul 03)
  - Re: UDP payloads David Fifield (Jul 03)
- Re: UDP payloads Luis M. (Jul 04)
  - Re: UDP payloads David Fifield (Jul 04)
- Re: UDP payloads kx (Jul 04)
  - Re: UDP payloads David Fifield (Jul 04)
  - Re: UDP payloads David Fifield (Jul 22)
    - Wireshark dissections of proposed UDP payloads David Fifield (Aug 10)
    - Re: Wireshark dissections of proposed UDP payloads David Fifield (Aug 19)
    - Re: Wireshark dissections of proposed UDP payloads Henri Salo (Aug 19)
- Re: UDP payloads David Fifield (Jul 06)