
Nmap Development mailing list archives

Re: Can not get version of Oracle via nmap.
From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 6 Mar 2011 04:00:37 +0100


On Mar 1, 2011, at 07:25 , Verde Denim wrote:

On Tue, Mar 1, 2011 at 1:19 AM, Patrik Karlsson <patrik () cqure net> wrote:


On Feb 28, 2011, at 12:18 , <kim700620 () yahoo co jp> wrote:

Hello,

I'm trying to discover Oracle11gR2 using Nmap,
and cannot get the version of it.
The following is my environment.

Nmap version: 5.51
OS: Windows Server 2003 SP2/Windows XP professional
Target DB1: Oracle11gR1 on Windows Server 2008 SP1
Target DB2: Oracle11gR2 on Windows Server 2008 R2
Command: nmap -sV -p 1521 <IP address>

And the result of my scan is:
[Target DB1]
Nmap scan report for <IP address>
Host is up (0.00s latency).
PORT     STATE SERVICE    VERSION
1521/tcp open  oracle-tns Oracle TNS Listener 11.1.0.7.0 (for 32-bit Windows)
MAC Address: **:**:**:**:**:** (Microsoft)
[Target DB2]
Nmap scan report for <IP address>
Host is up (0.00s latency).
PORT     STATE SERVICE    VERSION
1521/tcp open  oracle-tns Oracle TNS Listener
MAC Address: **:**:**:**:**:** (Microsoft)

Both the database service and listener are running and I can connect
to the database from a remote machine.
I wonder if this is a bug.
Or if not, is there any other setting I should do?

Thanks in advance.

Yours sincerely.
Melanie Kim

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Hi Kim,

I can confirm that the version detection isn't working with my Oracle 11gR2
either.
I will look into it and get back to you, once I figure out the problem.

Regards,
Patrik


Pat - Isn't the information about the version usually available through the
banner? If the banner broadcast is turned off, you wouldn't see it in that
case.
I haven't installed R2, but I feel like Oracle would probably turn that off
as a default by now.

Jack

Starting with Oracle 11gR2 it appears it's no longer possible to query the TNS listener using the version command remotely.
This is essentially what Nmap's using in order to fingerprint the version.
I'm not sure if there's another way around this yet, but I'll let you know if I do.

//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77
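
An added example, not part of the original post and not Nmap's own code: a triage script for `nmap -sV` normal output that lists oracle-tns listeners for which no version string came back, the symptom discussed in this thread. The sample scan text and the 192.0.2.x addresses are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the normal-output format quoted in the thread;
# the addresses are documentation placeholders, not values from the post.
SAMPLE = """\
Nmap scan report for 192.0.2.10
Host is up (0.00s latency).
PORT     STATE SERVICE    VERSION
1521/tcp open  oracle-tns Oracle TNS Listener 11.1.0.7.0 (for 32-bit Windows)
Nmap scan report for 192.0.2.11
Host is up (0.00s latency).
PORT     STATE SERVICE    VERSION
1521/tcp open  oracle-tns Oracle TNS Listener
Nmap scan report for 192.0.2.12
Host is up (0.00s latency).
PORT     STATE  SERVICE    VERSION
1521/tcp closed oracle-tns
"""

HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
PORT_RE = re.compile(r"^(\d+)/tcp\s+(\S+)\s+oracle-tns\b\s*(.*)$")
VER_RE = re.compile(r"\b(\d+(?:\.\d+){2,4})\b")  # dotted release, e.g. 11.1.0.7.0

def triage(text):
    """Return (host, port, version-or-None) for every open oracle-tns port."""
    results, host = [], None
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:
            host = m.group(1)
            continue
        m = PORT_RE.match(line)
        if m and m.group(2) == "open":
            v = VER_RE.search(m.group(3))
            results.append((host, int(m.group(1)), v.group(1) if v else None))
    return results

def unversioned(text):
    """Hosts whose listener was identified but returned no version."""
    return [h for h, _, v in triage(text) if v is None]

if __name__ == "__main__":
    for host, port, ver in triage(SAMPLE):
        print(f"{host}:{port} {ver or 'version not reported; confirm on the host'}")
```

A listener flagged here is not necessarily misconfigured: per the thread, 11gR2 listeners appear to stop answering the remote version command, so the release has to be confirmed from the host itself.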
