Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: some ssl version scanning not working
From: Matt Selsky <selsky () columbia edu>
Date: Mon, 3 Jan 2011 13:31:28 -0500


On Jan 1, 2011, at 8:20 PM, David Fifield wrote:

On Fri, Dec 31, 2010 at 03:14:13AM -0500, Matt Selsky wrote:
I'm having trouble scanning some SSL services (Oracle Enterprise Manager
agents in this case) that used to work.  I'm running svn trunk...

$ ./nmap --datadir . -sV -p3872 -d angelica

Starting Nmap 5.36TEST3 ( http://nmap.org ) at 2010-12-31 02:58 EST
--------------- Timing report ---------------
 hostgroups: min 1, max 100000
 rtt-timeouts: init 1000, min 100, max 10000
 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
 parallelism: min 0, max 0
 max-retries: 10, host-timeout: 0
 min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 8 scripts for scanning.
Initiating Ping Scan at 02:58
Scanning angelica (10.59.213.70) [2 ports]
Completed Ping Scan at 02:58, 0.00s elapsed (1 total hosts)
Overall sending rates: 2980.63 packets / s.
mass_rdns: Using DNS server 10.59.59.70
mass_rdns: Using DNS server 10.59.62.10
Initiating Parallel DNS resolution of 1 host. at 02:58
mass_rdns: 0.01s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 02:58, 0.01s elapsed
DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 2, OK: 1, NX: 0, DR:
0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 02:58
Scanning angelica (10.59.213.70) [1 port]
Discovered open port 3872/tcp on 128.59.213.70
Completed Connect Scan at 02:58, 0.00s elapsed (1 total ports)
Overall sending rates: 1396.65 packets / s.
Initiating Service scan at 02:58
Scanning 1 service on angelica (10.59.213.70)
Got nsock CONNECT response with status ERROR - aborting this service

Do you think this is the same error you were getting with ssl-cert.nse?
http://seclists.org/nmap-dev/2010/q4/71

It would be a big help if you can identify a revision when this started
happening.

r19801 broke things for the Google Search appliance scan.

"Let nmap.connect take a host table and port table in place of a string
and an integer. This is going to be used to easily support Server Name
Indication for SSL connections."

I'm still working out what commit broke the OEM agent probe.


-- 
Matt
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]