Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Nmap 3.90 and JetDirects
From: Fyodor <fyodor () insecure org>
Date: Thu, 8 Sep 2005 15:10:43 -0700

On Thu, Sep 08, 2005 at 05:04:33PM -0500, Crenshaw, Adrian D wrote:
I’m writing an article on hacking network printers and this topic came up. One problem with Nmap scanning port 9100 
with version detection turned on is you get garbage print jobs with text like:

GET / HTTP/1.0
OPTIONS / HTTP/1.0
OPTIONS / RTSP/1.0

That corresponds to the probes Nmap is sending to try and tell what
service is running on that port. Or at least you use to, a friend said
he tested with 3.90 and that no longer happens, at least on his
JetDirect. Was something changed with 3.90 to fix the JetDirect port
9100 problems? 

Yes, by default Nmap no longer service scans 9100:

o Added "Exclude" directive to nmap-service-probes grammar which
  causes version detection to skip listed ports.  This is helpful for
  ports such as 9100.  Some printers simply print any data sent to
  that port, leading to pages of HTTP requests, SMB queries, X Windows
  probes, etc.  If you really want to scan all ports, specify
  --allports.  This patch came from Doug Hoyte (doug(a)hcsw.org).

[ http://www.insecure.org/nmap/nmap_changelog.html ]

With such a big changelog for this release, you can be forgiven for
missing it :).  I'm looking forward to your paper on hacking network
printers.

Cheers,
-F


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]