Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Nmap Development: Re: Nmap Issues/ Suggestoins / Question

Re: Nmap Issues/ Suggestoins / Question

From: Brett Cunningham <cssniper22_at_gmail.com>
Date: Sun, 11 Mar 2007 16:25:48 -0500

> 3. If a scan reports a service running that Nmap does not know about
> what is the best way to try and trace down what that service might be so
> I can send in an accurate fingerprint (on a Windows box)?

Depends on what that service is, but if it listens with tcp, I usually
telnet to the port and it can give you a lot of information. When that
fails, look up the service associated with that port and test it out with
the appropriate tool. Other than that, there's not really a sure way to test
for it as far as I know.

Did you have a specific service in mind? If you provided the details, I'm
sure someone would know.

On 3/9/07, Fyodor <fyodor_at_insecure.org> wrote:
>
> On Fri, Mar 09, 2007 at 08:05:58PM -0600, Alan Jones wrote:
> >
> > -- It would be really really nice if Nmap would report all IP addresses
> > that a name resolves to not just one address. What If I wanted to know
> > the second address (or 3rd) address so I could scan that?
>
> Hi Alan! Perhaps you are right that Nmap should report the other
> non-scanned addresses (at least in the XML or in verbose mode). But
> for now, 'host' does the trick pretty easily:
>
> flog> host microsoft.com
> microsoft.com has address 207.46.197.32
> microsoft.com has address 207.46.232.182
>
> > --The problem I had though was Nmap said it would scan the address it
> > reported and resolved from the name of the two but it did not finish the
> > scan and report anything.
>
> Hmmm ... it certainly should finish! We would need more details to
> investigate.
>
> > 2. I was curious if there were any guesses on 4.21 Alpha 2 binaries
> > would be released along with newer OS and Services Signatures?
>
> Within a week, I hope! I've been doing submission integration
> constantly over the last few days and have checked my latest updates
> into SVN. I am currently working on submission #252 out of 1,014 and
> I'm trying to do at least 100-200 per day.
>
> > 3. If a scan reports a service running that Nmap does not know about
> > what is the best way to try and trace down what that service might be so
> > I can send in an accurate fingerprint (on a Windows box)?
>
> Maybe someone else can give good advice on this one.
>
> > 4. When scanning things like our Ricoh MFPs (multi-function printers)
> > nmap reports several services it does not recognize. However that is
> > all part of the propriety configuration of the machine. Is there
> > anything I could send in to help with these to to help others when they
> > are scanning their network?
>
> If the output contains confidential information, you can 'x' that out
> and put a clear description of what you have done in the summary
> field. Be sure to put one 'x' per character you remove so the
> alignment isn't affected in a bad way. Or you can create, test, and
> send a new signature. Instructions are at
> http://insecure.org/nmap/vscan/ .
>
> I did receive your Ricoh OS fingerprint submissions (not all integrated
> yet). Thanks!
>
> Cheers,
> Fyodor
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org
>

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Mar 11 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]