Re: Service Detection: BMC Configuration Management
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Wed, 11 Jun 2008 23:09:33 +0000
On Wed, 11 Jun 2008 17:50:34 -0500 or thereabouts Tom Sellers
<nmap () fadedcode net> wrote:
> I have attached a pair of match lines that detect the client side
> portion of the BMC (formerly Marimba) Configuration Management
> software. The client portion is called a Tuner and typically lives
> on port 7717. Depending on the state of the software the service
> will return either a 200 or 401 response to the GetRequest probe.
> The product section says "BMC(Marimba) Configuration Management". I
> wasn't satisfied with it but I could not figure out how to escape a
> "/" in the p// section.

Hey Tom, these look pretty good. I have a few comments:
* You place capturing parens around HTTP... which slow down PCRE.
* You use HTTP/1.0 200 for one match and 1.1 401 for the other. Can
these codes be returned for just those respective versions of HTTP?
* You can use the same p|| trick to embed '/' that you used with m||.
Any paired delimiter will work (), ##, , etc.
If you adjust these match lines I'm sure they will be able to be
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
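
The three review comments above, worked through as an added example that is not part of the thread and not Tom's attached match lines: a small parser for nmap-service-probes match lines that honours per-field delimiters, applied to one line covering both HTTP versions and both status codes. The match line, the `ExampleTuner` Server header and the version numbers are constructed placeholders.

```python
import re

# Constructed match line (not Tom's): '%' delimits m because the regex contains
# '|' and '/', and p|...| lets the product name contain '/'.
MATCH_LINE = (r"match http m%^HTTP/1\.[01] (?:200|401) .*\r\nServer: ExampleTuner/([\d.]+)\r\n%s "
              r"p|BMC/Marimba Configuration Management| v/$1/")

def parse_match_line(line):
    """Split a match line into (service, regex, flags, fields); cpe: fields are not handled."""
    directive, service, rest = line.split(" ", 2)
    if directive not in ("match", "softmatch") or rest[0] != "m":
        raise ValueError("not a match line")
    end = rest.index(rest[1], 2)          # rest[1] is the delimiter chosen for m
    pattern, pos, flags = rest[2:end], end + 1, ""
    while pos < len(rest) and rest[pos] in "is":   # optional i / s flags
        flags += rest[pos]
        pos += 1
    fields, rest = {}, rest[pos:].lstrip()
    while rest:                           # p, v, i, ... each with its own delimiter
        end = rest.index(rest[1], 2)
        fields[rest[0]] = rest[2:end]
        rest = rest[end + 1:].lstrip()
    return service, pattern, flags, fields

def identify(line, banner):
    """Apply one match line to a banner; return expanded fields or None."""
    service, pattern, flags, fields = parse_match_line(line)
    re_flags = (re.I if "i" in flags else 0) | (re.S if "s" in flags else 0)
    m = re.search(pattern, banner, re_flags)
    if m is None:
        return None
    # (?:...) does not take a group number, so $1 is the version, not the status.
    expand = lambda s: re.sub(r"\$(\d)", lambda g: m.group(int(g.group(1))) or "", s)
    return {"service": service, **{k: expand(v) for k, v in fields.items()}}

# Constructed responses to the GetRequest probe (not captured from a real Tuner).
SAMPLES = [
    "HTTP/1.0 200 OK\r\nServer: ExampleTuner/6.0.3\r\n\r\n",
    "HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: Basic\r\nServer: ExampleTuner/7.1\r\n\r\n",
    "HTTP/1.1 404 Not Found\r\nServer: ExampleTuner/7.1\r\n\r\n",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(identify(MATCH_LINE, banner))
```

The chosen delimiter must not occur inside the field it wraps, which is why the regex here uses `%` rather than `|`.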