Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: some ssl version scanning not working
From: David Fifield <david () bamsoftware com>
Date: Mon, 3 Jan 2011 10:34:48 -0800

On Mon, Jan 03, 2011 at 01:31:28PM -0500, Matt Selsky wrote:

On Jan 1, 2011, at 8:20 PM, David Fifield wrote:

On Fri, Dec 31, 2010 at 03:14:13AM -0500, Matt Selsky wrote:
I'm having trouble scanning some SSL services (Oracle Enterprise Manager
agents in this case) that used to work.  I'm running svn trunk...

$ ./nmap --datadir . -sV -p3872 -d angelica

Starting Nmap 5.36TEST3 ( http://nmap.org ) at 2010-12-31 02:58 EST
--------------- Timing report ---------------
 hostgroups: min 1, max 100000
 rtt-timeouts: init 1000, min 100, max 10000
 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
 parallelism: min 0, max 0
 max-retries: 10, host-timeout: 0
 min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 8 scripts for scanning.
Initiating Ping Scan at 02:58
Scanning angelica (10.59.213.70) [2 ports]
Completed Ping Scan at 02:58, 0.00s elapsed (1 total hosts)
Overall sending rates: 2980.63 packets / s.
mass_rdns: Using DNS server 10.59.59.70
mass_rdns: Using DNS server 10.59.62.10
Initiating Parallel DNS resolution of 1 host. at 02:58
mass_rdns: 0.01s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 02:58, 0.01s elapsed
DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 2, OK: 1, NX: 0, DR:
0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 02:58
Scanning angelica (10.59.213.70) [1 port]
Discovered open port 3872/tcp on 128.59.213.70
Completed Connect Scan at 02:58, 0.00s elapsed (1 total ports)
Overall sending rates: 1396.65 packets / s.
Initiating Service scan at 02:58
Scanning 1 service on angelica (10.59.213.70)
Got nsock CONNECT response with status ERROR - aborting this service

Do you think this is the same error you were getting with ssl-cert.nse?
http://seclists.org/nmap-dev/2010/q4/71

It would be a big help if you can identify a revision when this started
happening.

r19801 broke things for the Google Search appliance scan.

"Let nmap.connect take a host table and port table in place of a string
and an integer. This is going to be used to easily support Server Name
Indication for SSL connections."

I'm still working out what commit broke the OEM agent probe.

Good work. I'll check it out.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault