Nmap Development mailing list archives

bizarre false positive (?) in service detection

From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Thu, 12 Apr 2007 14:28:32 -0500

I ran a scan against a subnet looking for wormy systems.

I didn't find any worms but I did find an unauthorized Skype VoIP
device... or so I thought.

The OS was listed as Panasonic embedded and it matched the Panasonic
DB-3500 series printer fingerprint.

A physical inspection (from IP address to switch port to device)
confirmed that yes, this is a Panasonic printer.

What I cannot figure out is why port 25 came up as 'Skype VoIP data channel'.

Has anyone else seen this particular oddity?

-Jason

PS - I can see that Skype and Panasonic have entered some sort of
business agreement, but I can't get to the pages because my at-work
proxy server blocks access to Skype!

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

bizarre false positive (?) in service detection DePriest, Jason R. (Apr 12)
- Re: bizarre false positive (?) in service detection DePriest, Jason R. (Apr 12)
  - Re: bizarre false positive (?) in service detection Brandon Enright (Apr 12)
    - Re: bizarre false positive (?) in service detection DePriest, Jason R. (Apr 12)
    - Re: bizarre false positive (?) in service detection DePriest, Jason R. (Apr 13)
    - Re: bizarre false positive (?) in service detection Brandon Enright (Apr 13)
    - Re: bizarre false positive (?) in service detection DePriest, Jason R. (Apr 13)
    - Re: bizarre false positive (?) in service detection Brandon Enright (Apr 13)
    - Re: bizarre false positive (?) in service detection doug (Apr 13)