Nmap Development mailing list archives
Re: Response to David/Service Probes
From: David Fifield <david () bamsoftware com>
Date: Sun, 25 Oct 2009 22:40:22 -0600
On Sat, Oct 24, 2009 at 04:10:21AM +0000, mike wrote:
now that i see how you explained that to me, i understand my error. so basically nmap only offers a few probes we have to use for solicitation of the response, right? the match lines are simply service responses that are sent back when sending an empy payload, correct?
Well, the match lines are for responses to any of the probes, not just the NULL probe (empty payload). But yes, that's right.
did anyone come up with anything reguarding the error i send to the forum previously involving the script scan attempt and getting back this: NSOCK (6.5000s) nsock_loop() started (timeout=50ms). 1 events pending NSOCK (6.5630s) nsock_loop() started (timeout=50ms). 1 events pending NSOCK (6.6250s) nsock_loop() started (timeout=50ms). 1 events pending NSOCK (6.6880s) nsock_loop() started (timeout=50ms). 1 events pending NSOCK (6.7500s) nsock_loop() started (timeout=50ms). 1 events pending NSOCK (6.8130s) Callback: READ TIMEOUT for EID 34 [127.0.0.1:1723] NSOCK (6.8130s) nsock_loop() started (timeout=50ms). 0 events pending NSE: TCP 127.0.0.1:3934 > 127.0.0.1:1723 | CLOSE NSE: 'pptp-version' (thread: 010A67E0) threw an error! TIMEOUT stack traceback: [C]: in function 'try' ./pptp-version.nse:43: in function <./pptp-version.nse:17> (tail call): ? Completed NSE at 03:59, 5.28s elapsed nmap args were as follows nmap -sT -v -n -P0 --max-retries 1 -ttl 64 -script=pptp-version.nse -p 1723 -reason (target) i understand the timeout and service not listening/responding...but why the error report? shouldn't "TIMED OUT" be enough?
That's just a normal error message and is nothing to worry about. The stack trace may be surprising but it's useful for script developers and users. That script should probably be modified to catch timeouts like that and exit silently.
also quickly, and maybe a bit nitpicky as well, i saw the probe ""SMBProgNeg"---should this be changed to SMBProtNeg for Negotiate Protocol?
That's a good question. Does anyone know the origin of that name? David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Response to David/Service Probes mike (Oct 23)
- Re: Response to David/Service Probes David Fifield (Oct 25)