Re: Lexmark script

[David Fifield <david () bamsoftware com>]

On Mon, Jan 04, 2010 at 11:05:46AM +0100, Patrik Karlsson wrote:
> Hi,
>
> I recently purchased a new Lexmark printer. I have added match lines for FTP and port 9100/udp that gets detected by 
> the NTPRequest probe. Port 9100/udp should be running the hbn3 protocol according to:
> http://www.lexmark.com/vgn/images/portal/Security%20Features%20of%20Lexmark%20MFPs%20v1_1.pdf
>
> IANA has no record of the HBN3 protocol running on that port so I'm a bit clueless on what to put in the match lines. 
> I have put hbn3 for the time being.
>
> The printer response with a MDNS response to the NTPRequest and the
> match line parses out very little from it for now. However, I'm also
> submitting a script that sends a MDNS request and then attempts to
> parse out the response, which is the configuration of the printer.

The script looks good, but I want you to see if you can make it work
using the dns library. If the dns library lacks some feature that you
need, it better that we improve it centrally there.

Looking at the script, it doesn't seem that the protocol uses multicast
DNS, or is any variant of Bonjour/Rendezvous/Zeroconf/DNS-SD. It looks
to me like a simple proprietary protocol using DNS as a transport. If
that's so, we can name the service hbn3, like we do for some other
protocols that run over another protocol.

Does the printer have the same service on 5353/udp? If not, then the
script shouldn't run for that port.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/