Nmap Development: nmap-3.93 UDP service fingerprinting does not show the match

From: Martin Mačok <martin.macok_at_underground.cz>
Date: Fri, 21 Oct 2005 09:57:35 +0200

Running nmap UDP version scanning against a service with a fingerprint in
the database does not print the match:

# nmap -P0 -d --version_trace -sUV -p53 localhost
[..]
Service scan match (Probe DNSVersionBindReq matched with DNSVersionBindReq): localhost (127.0.0.1):53 is domain. Version: |pdnsd|||
[..]
53/udp open domain?

Martin Mačok
ICT Security Consultant

Full dump:

# nmap -P0 -d --version_trace -sUV -p53 localhost

Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2005-10-21 09:48 CEST
The max # of sockets we are using is: 0
Initiating UDP Scan against localhost (127.0.0.1) [1 port] at 09:48
Packet capture filter (device lo): dst host 127.0.0.1 and (icmp or (udp and (src host 127.0.0.1)))
Discovered open|filtered port 53/udp on 127.0.0.1
The UDP Scan took 2.01s to scan 1 total ports.
Fetchfile found /usr/share/nmap/nmap-service-probes

Initiating service scan against 1 service on localhost (127.0.0.1) at 09:48
Starting probes against new service: 127.0.0.1:53 (udp)
NSOCK (2.0480s) UDP connection requested to 127.0.0.1:53 (IOD #1) EID 8
NSOCK (2.0480s) nsock_loop() started (no timeout). 1 events pending
NSOCK (2.0480s) Callback: CONNECT SUCCESS for EID 8 [127.0.0.1:53]
NSOCK (2.0480s) Write request for 30 bytes to IOD #1 EID 19 [127.0.0.1:53]: .............version.bind.....
NSOCK (2.0480s) Read request from IOD #1 [127.0.0.1:53] (timeout: 5000ms) EID 26
NSOCK (2.0480s) Callback: WRITE SUCCESS for EID 19 [127.0.0.1:53]
NSOCK (2.0480s) Callback: READ SUCCESS for EID 26 [127.0.0.1:53] (30 bytes): .............version.bind.....
Discovered open port 53/udp on 127.0.0.1
Service scan match (Probe DNSVersionBindReq matched with DNSVersionBindReq): localhost (127.0.0.1):53 is domain. Version: |pdnsd|||
The service scan took 0.00s to scan 1 service on 1 host.
Starting RPC scan against localhost (127.0.0.1)
Fetchfile found /usr/share/nmap/nmap-rpc

Fetchfile found /usr/share/nmap/nmap-services

Host localhost (127.0.0.1) appears to be up ... good.
Interesting ports on localhost (127.0.0.1):
PORT STATE SERVICE VERSION
53/udp open domain?

Final times for host: srtt: -1 rttvar: -1 to: 1000000

Nmap finished: 1 IP address (1 host up) scanned in 2.054 seconds
               Raw packets sent: 2 (56B) | Rcvd: 2 (56B)

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Received on Oct 21 2005
