Nmap Development mailing list archives

Re: quake3 opportunistic portrule

From: Toni Ruottu <toni.ruottu () iki fi>
Date: Mon, 10 Jan 2011 10:17:18 +0200

Here is another probe that detects the getserversExt support. Presence
of the command implies that the server is Dpmaster 2.0 or later. I put
the v/2.0/ as I could not figure out a convention for stating "or
later". Feel free to change that as you see fit. You can use
nmap -sV -p 27950 -sU -Pn master.urbanterror.net master.quake3arena.com
to test the probe. master.quake3arena.com does not support the
feature, but master.urbanterror.net does. Also master.urbanterror.net
did not know about the game I am using in the probe while I was
testing it, so it is a good test candidate.

On Sat, Jan 8, 2011 at 7:05 AM, David Fifield <david () bamsoftware com> wrote:

On Thu, Jan 06, 2011 at 10:55:10PM +0200, Toni Ruottu wrote:

That would not be possible as many master servers are used for
multiple games simultaneously, but it also would not be correct.
Version detection is supposed to tell the protocol and possibly the
version of the server, but not what the server is used for.

When the master server is asked to provide server addresses for a game
version it is not aware of it will send an empty list, so the version
detection probe and matchline should work even when the master is not
aware of any servers for protocol 68.


Okay, I agree with you. I added the probe.

We should probably call the protocol dpmaster instead of
quake3-master. Setting the product name probably does not make sense
unless we find a way of identifying different implementations of the
protocol. For example, if we could find a difference in Dpmaster and
the server IdSoftware wrote, we could use product names to underline
that.


I changed it back to quake3-master because I think dpmaster is a
specific implementation. I'm not sure that quake3-master is the best
name either, but it makes sense if the protocol was introduced with
Quake 3. (I don't know if it was.)

David Fifield

Attachment: dpmaster2-probe.patch
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: quake3 opportunistic portrule, (continued)
- - Re: quake3 opportunistic portrule Toni Ruottu (Jan 01)
  - Re: quake3 opportunistic portrule David Fifield (Jan 01)
    - Re: quake3 opportunistic portrule Toni Ruottu (Jan 02)
    - Re: quake3 opportunistic portrule David Fifield (Jan 02)
    - Re: quake3 opportunistic portrule Toni Ruottu (Jan 06)
    - Re: quake3 opportunistic portrule David Fifield (Jan 06)
    - Re: quake3 opportunistic portrule Toni Ruottu (Jan 06)
    - Re: quake3 opportunistic portrule David Fifield (Jan 06)
    - Re: quake3 opportunistic portrule Toni Ruottu (Jan 06)
    - Re: quake3 opportunistic portrule David Fifield (Jan 07)
    - Re: quake3 opportunistic portrule Toni Ruottu (Jan 10)
    - Re: quake3 opportunistic portrule David Fifield (Jan 10)