Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Banner Grabbing
From: Bradley Kite <bradley () deathsgate demon co uk>
Date: Sat, 29 Jun 2002 12:47:55 +0100

Hi there Sean.

I am currently halfway through writing a patch that:

A: Logs direct to PostgreSQL database.
B: Captures banners on TCP connections (and logs to postgres too...)

I will post it to this list as soon as its complete.

--
Brad.

On Thu, Jun 27, 2002 at 05:43:09AM -0700, Sean Donner wrote:
Mailing-List: contact nmap-dev-help () insecure org; run by ezmlm
Precedence: bulk
List-Post: <mailto:nmap-dev () insecure org>
List-Help: <mailto:nmap-dev-help () insecure org>
List-Unsubscribe: <mailto:nmap-dev-unsubscribe () insecure org>
List-Subscribe: <mailto:nmap-dev-subscribe () insecure org>
Delivered-To: mailing list nmap-dev () insecure org
From: "Sean Donner" <seand () maximus homelinux net>
To: <nmap-dev () insecure org>
Subject: Banner Grabbing
Date: Thu, 27 Jun 2002 05:43:09 -0700
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

I think the one thing that this scanner is really missing is banner grabbing.  With this option implemented into 
nmap, you could scan your network and see which services are giving up too much info, telnet is espeically guilty of 
this. I would imagine that this option would not be too hard to implement, although it would require a full tcp 
handshake and thus toss stealth scanning out the door with this on.  A good idea would to also send a "HEAD / 
HTTP/1.0" command if a timeout occured while trying to grab a banner.  Im new to this mailing list, so im not sure if 
this has been talked about before but I did not see it in any of the archives.  Feedback is much appreciated. Thanks

-- 
Software Developer/Data Management Specialist
Alchemetics Ltd, http://www.alchemetrics.co.uk
pgp key: http://www.deathsgate.demon.co.uk/bradley.key.asc


Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]