Nmap Development mailing list archives
Re: [RFC] Detect certain Citrix application browsing services
From: David Fifield <david () bamsoftware com>
Date: Tue, 24 Nov 2009 11:09:00 -0700
On Mon, Nov 16, 2009 at 02:07:34AM -0800, Fyodor wrote:
On Sun, Nov 15, 2009 at 08:13:55PM -0700, David Fifield wrote:On Fri, Nov 13, 2009 at 04:54:35PM -0600, Thomas Buchanan wrote:I'm looking for feedback on a couple of aspects of the patches. First, how should one determine the frequency values when adding entries to nmap-services? I used a value from the next closest port, but that seems pretty arbitrary.We have a record for port 1604/udp in the master nmap-services-all file, but because it has a frequency of 0 it is left out of the smaller nmap-services file. unknown 1604/udp 0/3027If we have reason to believe the port is interesting, I think it is OK to just bump this up to 1/3027 and that should get it added to nmap-services. Eventually we will get better UDP data (ours is pretty limited for ports like this which were unnamed), but for now a little manual adjustment or two is fine. That can be useful not just for missed services, but for new ones which have become popular since the most recent port frequency survey.
For what it's worth, I tried nmap -PU1604 -sP -iR 10000 -n --reason using the Citrix payload and got # Nmap done at Tue Nov 24 10:38:48 2009 -- 10000 IP addresses (189 hosts up) scanned in 151.77 seconds But all the up hosts were because of destination unreachable replies, none from udp-response. In this case the UDP payload didn't help. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [RFC] Detect certain Citrix application browsing services Thomas Buchanan (Nov 13)
- Re: [RFC] Detect certain Citrix application browsing services David Fifield (Nov 15)
- Re: [RFC] Detect certain Citrix application browsing services Fyodor (Nov 16)
- Re: [RFC] Detect certain Citrix application browsing services David Fifield (Nov 24)
- Re: [RFC] Detect certain Citrix application browsing services Thomas Buchanan (Nov 16)
- Re: [RFC] Detect certain Citrix application browsing services David Fifield (Nov 16)
- Re: [RFC] Detect certain Citrix application browsing services Thomas Buchanan (Nov 16)
- Re: [RFC] Detect certain Citrix application browsing services Thomas Buchanan (Nov 23)
- Re: [RFC] Detect certain Citrix application browsing services David Fifield (Nov 24)
- Re: [RFC] Detect certain Citrix application browsing services Thomas Buchanan (Nov 25)
- Re: [RFC] Detect certain Citrix application browsing services David Fifield (Nov 25)
- Re: [RFC] Detect certain Citrix application browsing services Fyodor (Nov 16)
- Re: [RFC] Detect certain Citrix application browsing services David Fifield (Nov 15)