Nmap Development mailing list archives
Re: [nmap-svn] r35956 - nmap
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 17 Aug 2016 22:03:48 -0500
Tom, After removing this, does a later probe more correctly match Docker? I keep getting service submissions for ServeRAID with this response for GenericLines, GetRequest, HTTPOptions, RTSPRequest, Help, SSLSessionReq, TLSSessionReq, Kerberos, FourOhFourRequest, LPDString, and SIPOptions. Would putting it under any of those avoid matching Docker? Thanks, Dan On Wed, Jul 6, 2016 at 2:36 PM, <commit-mailer () nmap org> wrote:
Author: tomsellers Date: Wed Jul 6 12:36:12 2016 New Revision: 35956 Log: Remove generic matchline causing FP against Docker Modified: nmap/nmap-service-probes Modified: nmap/nmap-service-probes ============================================================ ================== --- nmap/nmap-service-probes (original) +++ nmap/nmap-service-probes Wed Jul 6 12:36:12 2016 @@ -9589,7 +9589,6 @@ #match http m|^HTTP/1\.0 404 Not Found\r\nConnection: close\r\n\r\n$| p/apt-proxy httpd/ # Fairly general: -match http m|^HTTP/1\.1 400 Bad Request\r\n\r\n$| p/IBM ServeRAID controller httpd/ d/storage-misc/ # http://svn.dd-wrt.com:8000/dd-wrt/browser/src/router/httpd/httpd.c match http m|^HTTP/1\.[01] \d\d\d .*\r\nServer: micro_httpd\r\n| p/micro_httpd/ cpe:/a:acme:micro_httpd/ match http m|^HTTP/1\.0 200 OK\r\nServer: RapidLogic/([\d.]+)\r\n| p/RapidLogic httpd/ v/$1/ cpe:/a:rapidlogic:httpd:$1/ _______________________________________________ Sent through the svn mailing list https://nmap.org/mailman/listinfo/svn
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [nmap-svn] r35956 - nmap Daniel Miller (Aug 17)