Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [PATCH] showOwner.nse script causing infinite loop
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 30 May 2008 00:38:13 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 24 May 2008 18:56:27 -0700
Fyodor <fyodor () insecure org> wrote:
...snip...
I do think that, perhaps, this script should be modified to still
allow open|filtered for TCP ports.  And then, if it gets a positive
response for a port from identd, maybe it should then mark the port as
open.  That could be useful in some situations.

Cheers,
-F


Sorry to revive a somewhat old conversation.  With the amount of
fake ident out there I think it would be a mistake to naively trust the
results.

Here is an example I just ran into:

$ telnet <host> 113
Trying <host>...
Connected to <host>.
Escape character is '^]'.
1,1
1 , 1 : USERID : JAVA : Webchat User
Connection closed by foreign host.

I can't remember the last time I saw a properly behaving ident service
on campus.

If the NSE script tries to connect to all the 'open|filtered' ports
that could take much longer than just doing -sC or -sS.  Probably not
the job for an NSE script.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkg/THsACgkQqaGPzAsl94IkgACeMiPYcJcM8tW5k8PayL3PvtAC
zJMAnjMKwkAbfjFKS6J6sqD6mertkcSP
=UoXA
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]