|
Security Basics
mailing list archives
Re: Seeking NMAP Version Detection dataset
From: Nick Besant <lists () hwf cc>
Date: Tue, 06 Nov 2012 10:00:33 +0000
Hi.
A couple of suggestions;
1. Download the source code for nmap and have a browse to see how the
fingerprinting works - [1]
2. Quick search for "nmap fingerprint database" shows up a
BackTrack-specific shell script [2] which includes a reference to
[3]<https://svn.nmap.org/nmap/nmap-os-db>, which is a copy of the
database (part of the source tree from 1 above)
[1] http://nmap.org/download.html
[2] http://www.backtrack-linux.org/forums/showthread.php?t=28006
[3] https://svn.nmap.org/nmap/nmap-os-db
Regards
Nick
On 06/11/2012 00:37, billy wrote:
Hi,
I'm working on a project for school which involves correlating version
detection output from NMAP with a local copy of OSVDB to identify
(possible) vulnerabilities quickly. Thus far I have been able to run
NMAP against 'metasploitable' as well as other similar environments I
have the resources to simulate, but this provides a very limited basis
for testing.
I am seeking a large dataset of NMAP version detection output,
especially for proprietary products that I do not have the financial
resources to obtain. I was hoping that nmap's source code would
contain something to but the file 'nmap-service-probes' is composed of
intense regular expressions and even if I took the time to read them
all and write out the possibilities I'm apprehensive to do so for two
reasons: humans make mistakes and my time to work on this is limited.
The Nmap Fingerprint Database
(http://insecure.org/cgi-bin/submit.cgi?new-service) looks like it has
what I am looking for, but I can only find a submit fingerprint page,
it does not appear to have public lookup/browsing capability.
If anyone has any suggestions, even if it's a relatively incomplete
list of versions nmap can detect, please let me know.
If this was the incorrect place to post this and anyone has a
suggestion on where else I could ask this question also let me know.
Thank you for reading,
Bill
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works,
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital
certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
