Nmap Development mailing list archives

Re: fingerprint and port additions, question


From: H D Moore <hdm () secureaustin com>
Date: Mon, 22 Oct 2001 00:20:23 -0500

On Sunday 21 October 2001 04:06 am, Jeremy M. Dolan wrote:
And these should be changed from:

vnc               5800/tcp
vnc               5801/tcp
vnc               5900/tcp   # Virtual Network Computer
vnc-1             5901/tcp   # Virtual Network Computer Display :1
vnc-2             5902/tcp   # Virtual Network Computer Display :2

to:

vnc               5800/tcp   # Virtual Network Computer display 0
vnc-1             5801/tcp   # Virtual Network Computer display 1
vnc-2             5802/tcp   # Virtual Network Computer display 2
vnc-http          5900/tcp   # Virtual Network Computer HTTP access, display 0
vnc-http-1        5901/tcp   # Virtual Network Computer HTTP access, display 1
vnc-http-2        5902/tcp   # Virtual Network Computer HTTP access, display 2

Nope. 5900 is VNC, 5800 is the helper http service. It should be:

580[1-9] = vnc-http-X
590[1-9] = vnc-X



----------------------------------------------------------------------

Are there any plans for MSRPC support, like -sR does SunRPC? And will
nmap eventually (or is there another program, maybe) that will poke a
specific port sending commands and listening for responses to try and
tell what server is running? (Rather than guessing just based on port
number)

I would like to see MSRPC support. OS/Service detection based on 
banner/service detection should stay out of nmap (IMHO). Firewalls which 
forward one port to a unix mail server and a second port to an NT web server 
would throw the system off; you are better off doing this manually anyways.
Creating a wrapper script to do banner/service checks and guess versions 
shouldn't be too hard.


Keep up the good work,
/jmd

-- 
H D Moore
http://www.digitaldefense.net - work
http://www.digitaloffense.net - play
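
Added example, not part of the original message or of Nmap: a small offline check that names a service from its port using the mapping given in the reply (580X = vnc-http-X, 590X = vnc-X), identifies the protocol from the first bytes received, and flags where the two disagree. The function names, the extra ports 25 and 80, and the sample banners are constructed for illustration.

```python
import re

# Port-to-name mapping as corrected in the reply: 580X = vnc-http-X, 590X = vnc-X.
def name_from_port(port):
    for base, name in ((5800, "vnc-http"), (5900, "vnc")):
        display = port - base
        if 0 <= display <= 9:
            return name if display == 0 else f"{name}-{display}"
    return {25: "smtp", 80: "http"}.get(port, "unknown")  # constructed extras

# Protocol signatures matched against the first bytes a server sends or returns.
BANNER_RULES = [
    ("vnc", re.compile(rb"^RFB \d{3}\.\d{3}\n")),      # RFB ProtocolVersion line
    ("http", re.compile(rb"^HTTP/\d\.\d \d{3} ")),     # HTTP status line
    ("smtp", re.compile(rb"^220[ -].*SMTP", re.I)),    # SMTP greeting
]

def proto_from_banner(banner):
    for proto, rule in BANNER_RULES:
        if rule.search(banner):
            return proto
    return "unknown"

def expected_proto(port_name):
    # vnc-http-N is an HTTP listener; vnc-N speaks RFB.
    if port_name.startswith("vnc-http"):
        return "http"
    if port_name.startswith("vnc"):
        return "vnc"
    return port_name

def audit(observations):
    """Return (port, port_name, banner_proto, agrees) for each observation."""
    rows = []
    for port, banner in observations:
        name = name_from_port(port)
        seen = proto_from_banner(banner)
        rows.append((port, name, seen, expected_proto(name) == seen))
    return rows

# Constructed sample data: (port, first bytes received).
SAMPLES = [
    (5900, b"RFB 003.003\n"),
    (5801, b"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n"),
    (5902, b"HTTP/1.1 404 Not Found\r\n\r\n"),       # port says vnc-2, banner says http
    (80, b"220 mail.example.test ESMTP ready\r\n"),  # forwarded port, not a web server
]

if __name__ == "__main__":
    for row in audit(SAMPLES):
        print(row)
```

The last two constructed samples are the cases the thread is about: the port name and the observed protocol disagree, so an inventory built from port numbers alone would mislabel them.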
