Nmap Development mailing list archives
Re: SIP version detection script
From: Matt Selsky <selsky () columbia edu>
Date: Wed, 25 Nov 2009 03:01:24 -0500
On Nov 24, 2009, at 6:13 PM, Patrik Karlsson wrote:
Thanks for the explanation. It turned out that there's no need for that dynamic stuff to be in there in order to trigger a response, at least not for the equipment I tested it against using the static probe already in nmap. I did a quick test against UDP using the static probe and got answers back that seemed equivalent to those recieved over TCP. For some reason they failed to match any of the existing lines though?
Patrik, Do you have any examples of the output you did get? I added a UDP probe was able to detect the SIP Express Router and SIP Router software running on sip.iptel.org: # nmap -sT -sV -sU -p 5060 sip.iptel.org Starting Nmap 5.05BETA1 ( http://nmap.org ) at 2009-11-25 02:50 EST Interesting ports on sip.iptel.org (213.192.59.75): PORT STATE SERVICE VERSION 5060/tcp open sip-proxy SIP Router 2.99.99-pre3 (i386/linux) 5060/udp open sip-proxy SIP Router 2.99.99-pre3 (i386/linux) Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 8.82 seconds # nmap -sT -sV -sU -p 5060 sip.iptel.org Starting Nmap 5.05BETA1 ( http://nmap.org ) at 2009-11-25 02:51 EST Interesting ports on sip.iptel.org (213.192.59.75): PORT STATE SERVICE VERSION 5060/tcp open sip-proxy SIP Express Router 2.1.0-dev23-make (i386/linux) 5060/udp open sip-proxy SIP Router 2.99.99-pre3 (i386/linux) Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 8.39 seconds Let me know what you get against your server. -- Matt
Attachment:
sip.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: SIP version detection script, (continued)
- Re: SIP version detection script Matt Selsky (Nov 22)
- Re: SIP version detection script Patrik Karlsson (Nov 23)
- Re: SIP version detection script Matt Selsky (Nov 24)
- Re: SIP version detection script Patrik Karlsson (Nov 24)
- Re: SIP version detection script Matt Selsky (Nov 25)
- Re: SIP version detection script David Fifield (Nov 25)
- Re: SIP version detection script Patrik Karlsson (Nov 23)
- Re: SIP version detection script Matt Selsky (Nov 22)
- Re: SIP version detection script Patrik Karlsson (Nov 24)
- Re: SIP version detection script Fyodor (Nov 24)
- Re: SIP version detection script Patrik Karlsson (Nov 24)
- Re: SIP version detection script Matt Selsky (Nov 25)
- Re: SIP version detection script Patrik Karlsson (Nov 25)
- Re: SIP version detection script Matt Selsky (Nov 25)
- Re: SIP version detection script Patrik Karlsson (Nov 25)
- Re: SIP version detection script David Fifield (Nov 25)
- Re: SIP version detection script Patrik Karlsson (Nov 26)
- Re: SIP version detection script Matt Selsky (Nov 30)
- Re: SIP version detection script David Fifield (Dec 12)