|
Nmap Development
mailing list archives
Re: ssh version detection
From: Fyodor <fyodor () insecure org>
Date: Tue, 2 Sep 2008 18:31:39 -0700
On Mon, Sep 01, 2008 at 08:40:46PM -0400, Matt Selsky wrote:
OpenSSH 5.1p1 with HPN 13v5 wasn't detected by the current match line in
svn.
According to http://www.snailbook.com/docs/transport.txt ssh's version
line is supposed to end with \r\n in SSH protocol version 2. In version
1, the \r is optional.
I updated the match line to reflect that and now the match line works
for both SSHv1 and SSHv2.
Thanks, I've applied your patch.
Should other ssh match lines be updated to replace \n with \r?\n?
If someone sends me a patch which does so, for the SSH signatures
which have version number (v//) information, that sounds fine with me.
Any SSH softmatch signatures should probably be updated too.
Cheers,
-F
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
| 
Intro
