Nmap Development mailing list archives

Re: [NSE] Script to enhance mainframe TN3270 detection


From: Daniel Miller <bonsaiviking () gmail com>
Date: Sun, 1 Nov 2015 22:50:59 -0600

SoF,

Sorry it's taken me so long to get to your scripts! I hope to have them put
through this week. I just had one final question on this one: Does the
protocol require the back-and-forth of WILL TERMINAL TYPE/SEND TERMINAL
TYPE/TERMINAL TYPE, or will it respond directly if we send the 3270
terminal type immediately? I ask because if so, then we can turn this into
a service probe. Example:

Probe NULL
softmatch tn3270 m|^\xff\xfd\($| p/IBM Telnet TN3270/
# General-purpose telnet softmatch
softmatch telnet m=^(?:\xff(?:[\xfb-\xfe].|\xf0|\xfa..))+[\0-\x7f]=

Probe TCP tn3270 q|\xff\xfb\x18\xff\xfa\x18\x00IBM-3279-4-E\xff\xf0|

match tn3270 m|something that matches here|

Then we can start gathering specific match info from various versions,
instead of simply identifying the service via this script. What do you
think?

Dan

P.S. What's the best name to address you by?

On Fri, Sep 4, 2015 at 6:09 PM, Main Framed <mainframed767 () gmail com> wrote:

Based on the change to nmap-service-probes (previously submitted) this
script will further help identify mainframes that only show up as
telnet/telnets (due to IAC DO TTYPE).

--
Soldier of Fortran
@mainframed767

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
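
Added example, not part of the original message or of Nmap: a small Python decoder that spells out the Telnet option bytes used in the proposed probe and softmatch, so the WILL TERMINAL TYPE / SEND / IS sequence asked about above can be read directly from a capture. The names decode, describe_sb, PROBE and BANNER are hypothetical; the option table covers only the options this thread touches.

```python
# Added example (not from the thread): decode Telnet negotiation per RFC 854 / RFC 1091.
IAC, SE, SB = 0xFF, 0xF0, 0xFA
VERBS = {0xFB: "WILL", 0xFC: "WONT", 0xFD: "DO", 0xFE: "DONT"}
# Option names limited to those this thread touches; 0x28 is TN3270E (RFC 2355).
OPTIONS = {0x00: "BINARY", 0x18: "TERMINAL-TYPE", 0x19: "END-OF-RECORD", 0x28: "TN3270E"}
TTYPE_SUB = {0x00: "IS", 0x01: "SEND"}

def opt_name(code):
    return OPTIONS.get(code, "OPT-%d" % code)

def describe_sb(opt, body):
    """Render one subnegotiation; TERMINAL-TYPE bodies are shown as IS/SEND plus text."""
    if opt == 0x18 and body and body[0] in TTYPE_SUB:
        text = body[1:].decode("ascii", "replace")
        return ("IAC SB TERMINAL-TYPE %s %s" % (TTYPE_SUB[body[0]], text)).rstrip()
    return "IAC SB %s %r" % (opt_name(opt), body)

def decode(data):
    """Return negotiation tokens for a byte string; plain bytes become DATA entries."""
    out, i, n = [], 0, len(data)
    while i < n:
        if data[i] != IAC:                      # run of ordinary data up to the next IAC
            j = data.find(b"\xff", i)
            j = n if j == -1 else j
            out.append("DATA %r" % data[i:j])
            i = j
        elif i + 2 < n and data[i + 1] in VERBS:
            out.append("IAC %s %s" % (VERBS[data[i + 1]], opt_name(data[i + 2])))
            i += 3
        elif i + 2 < n and data[i + 1] == SB:   # subnegotiation: IAC SB <opt> ... IAC SE
            body, j = bytearray(), i + 3
            while j + 1 < n and not (data[j] == IAC and data[j + 1] == SE):
                if data[j] == IAC and data[j + 1] == IAC:
                    j += 1                      # IAC IAC is an escaped 0xFF data byte
                body.append(data[j])
                j += 1
            if j + 1 >= n:                      # ran off the end without IAC SE
                out.append("TRUNCATED")
                break
            out.append(describe_sb(data[i + 2], bytes(body)))
            i = j + 2
        elif i + 1 < n and data[i + 1] not in VERBS and data[i + 1] != SB:
            out.append("IAC CMD-%d" % data[i + 1])
            i += 2
        else:                                   # command cut off mid-sequence
            out.append("TRUNCATED")
            break
    return out

# The probe payload proposed in the message, and the banner its softmatch expects.
PROBE = b"\xff\xfb\x18\xff\xfa\x18\x00IBM-3279-4-E\xff\xf0"
BANNER = b"\xff\xfd\x28"
```

Running decode over a banner captured from a service shows at a glance whether the server opened with DO TERMINAL-TYPE (generic telnet) or DO TN3270E (the tn3270 softmatch case).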
