Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: some ssl version scanning not working
From: David Fifield <david () bamsoftware com>
Date: Sat, 1 Jan 2011 17:20:10 -0800

On Fri, Dec 31, 2010 at 03:14:13AM -0500, Matt Selsky wrote:
I'm having trouble scanning some SSL services (Oracle Enterprise Manager
agents in this case) that used to work.  I'm running svn trunk...

$ ./nmap --datadir . -sV -p3872 -d angelica

Starting Nmap 5.36TEST3 ( http://nmap.org ) at 2010-12-31 02:58 EST
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 8 scripts for scanning.
Initiating Ping Scan at 02:58
Scanning angelica (10.59.213.70) [2 ports]
Completed Ping Scan at 02:58, 0.00s elapsed (1 total hosts)
Overall sending rates: 2980.63 packets / s.
mass_rdns: Using DNS server 10.59.59.70
mass_rdns: Using DNS server 10.59.62.10
Initiating Parallel DNS resolution of 1 host. at 02:58
mass_rdns: 0.01s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 02:58, 0.01s elapsed
DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 2, OK: 1, NX: 0, DR:
0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 02:58
Scanning angelica (10.59.213.70) [1 port]
Discovered open port 3872/tcp on 128.59.213.70
Completed Connect Scan at 02:58, 0.00s elapsed (1 total ports)
Overall sending rates: 1396.65 packets / s.
Initiating Service scan at 02:58
Scanning 1 service on angelica (10.59.213.70)
Got nsock CONNECT response with status ERROR - aborting this service

Do you think this is the same error you were getting with ssl-cert.nse?
http://seclists.org/nmap-dev/2010/q4/71

It would be a big help if you can identify a revision when this started
happening. You can revert your whole working directory plus externals to
a previous revision XXXXX with

$ svn update --ignore-externals -rXXXXX . nbase ncat nsock nping zenmap

Then configure and make as usual. I would normally go back by thousands
until the behavior changes and then do binary search. Something else you
can do is look at CHANGELOG for release dates and then feed them as
revision specifiers. For example, with

Nmap 5.35DC1 [2010-07-16]

you would do

$ svn update --ignore-externals -r{2010-07-16} . nbase ncat nsock nping zenmap
Updated to revision 18863.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault