mailing list archives
Re: Service fingerprinting submissions
From: doug () hcsw org
Date: Sat, 19 Apr 2008 12:16:19 -0700
Brandon is correct: The fingerprints are submitted to the Nmap project
with the expectation that they will not be made public. You are correct
that %90+ of the FPs don't contain sensitive data, there are many
services that will echo the IP of the scanner or the host name of
the target device etc. and these would need to be removed manually.
Honestly, your two best bets are:
* Try to use the nmap-service-probes DB. In general a match line in
this file has almost all the important information about the
submission embedded in it.
* If you have a *simple* perl script or other stats gathering
program you could send it to the list and maybe somebody from
the Nmap project will find the time to run it on the data.
They are stored in mbox format.
Description: Digital signature
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org