Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SMB related version detection updates

From: Royce Williams <royce () techsolvency com>
Date: Wed, 30 Mar 2016 06:11:32 -0800
On Wed, Mar 30, 2016 at 2:38 AM, Tom Sellers <nmap () fadedcode net> wrote:


FYI,
  Yesterday in commit 35748 I updated some SMB related match lines.  The intent was to
improve the scan results in preparation for dealing with Badlock.  Fixed are certain
matchlines that indicated a specific OS version such as 'Microsoft Windows NT netbios-ssn'
that actually matched newer versions of Windows including 2012 R2.  Matches that indicated
Samba 3.x have been updated as they also match Samba 4.x as well. There are also a
couple of new matchlines that help handle and capture data, particularly in cases where
responses from Samba exactly match those from Windows.

The changes were tested against Windows 7 and 8, Windows Server 2008, 2008 R2, 2012, 2012 R2
as well as Samba 3.6.x, 4.1.x, and Apple's current SMB fork.


Tom, I woke up this morning intending to request exactly this update.
You rock, sir!

For future end-user admins who will find this thread:

Until a new release is cut, I assume that the canonical best way to
use these changes is to build nmap from current Github, correct?

Royce
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: