Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

regarding set_port_version probestates

From: Toni Ruottu <toni.ruottu () iki fi>
Date: Sat, 1 Jan 2011 14:40:25 +0200
I am trying to find a way to express protocol/version assumptions from
NSE scripts. Sometimes exploring host A reveals information about host
B. For example host A could be running Gnutella and it might tell me
it is connected to host B's port 12345. This information justifies
running any gnutella protocol scripts against B:12345, but it does not
justify reporting B:12345 as being open nor does it justify reporting
that B:12345 is a gnutella server. A could be evil or broken.
Ofcourse, if we get to run gnutella scripts against B:12345 we may be
able to identify it as open or gnutella. On the other hand reporting
these assumptions to user may be useful as long as it is made clear
that they might be wrong. Can I use one of the probestates for this?

  --Toni
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: