Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Service fingerprinting submissions
From: doug () hcsw org
Date: Sat, 19 Apr 2008 12:16:19 -0700

Hi Tavaris,

Brandon is correct: The fingerprints are submitted to the Nmap project
with the expectation that they will not be made public. You are correct
that %90+ of the FPs don't contain sensitive data, there are many
services that will echo the IP of the scanner or the host name of
the target device etc. and these would need to be removed manually.
Honestly, your two best bets are:
  * Try to use the nmap-service-probes DB. In general a match line in
    this file has almost all the important information about the
    submission embedded in it.
  * If you have a *simple* perl script or other stats gathering
    program you could send it to the list and maybe somebody from
    the Nmap project will find the time to run it on the data.
    They are stored in mbox format.

Best,

Doug

Attachment: signature.asc
Description: Digital signature


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault