Nmap Development mailing list archives

Re: Lexmark matches

From: David Fifield <david () bamsoftware com>
Date: Tue, 12 Jan 2010 13:59:00 -0700

On Mon, Jan 04, 2010 at 11:05:46AM +0100, Patrik Karlsson wrote:

Hi,

I recently purchased a new Lexmark printer. I have added match lines for FTP and port 9100/udp that gets detected by 
the NTPRequest probe. Port 9100/udp should be running the hbn3 protocol according to:
http://www.lexmark.com/vgn/images/portal/Security%20Features%20of%20Lexmark%20MFPs%20v1_1.pdf


Hmm, this HBN3 protocol is mysterious.

"Lexmark 7500 Series Printer - GPL?"
http://blog.trumpton.org.uk/2008/12/lexmark-x7500-multi-function-printer.html
"Lexmark Reverse Engineering Project"
http://www.awakecoding.com/index.php?view=article&id=9
"Lexmark x4690 Reverse Engineering"
http://www.binrev.com/forums/index.php/topic/40882-lexmark-x4690-reverse-engineering/

As best as I can tell, the "HBN3" running on TCP and UDP is different.
The web pages say that 9100/tcp looks like JetDirect and you've found
that 9100/udp looks like mDNS.

I committed your patch. I used your provisional name of hbn3 for the
servive, but if it turns out to really be mDNS then we can relabel it.
That's one of the things I like about Nmap, when it can cut through the
marketing speak and determine that some whiz-bang administrative
protocol is really Telnet or something like that.

I'm looking at the HBN3 script now.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Lexmark matches and script Patrik Karlsson (Jan 04)
- Re: Lexmark matches David Fifield (Jan 12)
  - Re: Lexmark matches Patrik Karlsson (Jan 12)
- Re: Lexmark script David Fifield (Jan 12)
  - Re: Lexmark script Patrik Karlsson (Jan 13)
    - Re: Lexmark script David Fifield (Jan 22)
    - Re: Lexmark script Patrik Karlsson (Jan 23)
    - Re: Lexmark script David Fifield (Jan 29)