Re: [PATCH] nmap-service-probes: Misc database corrections, printer additions

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 26 Feb 2009 20:41:52 -0800 or thereabouts Fyodor
<fyodor () insecure org> wrote:

> On Thu, Feb 26, 2009 at 06:30:00PM -0600, Tom Sellers wrote:
> > Here are a couple of things that came up in my packet based
> > travels...
> >
> > The attached patch makes the following changes to
> > nmap-service-probes:
>
> Thanks Tom.  I've applied your patch, except that I've commented out
> the ipds signature because it sounds like there may still be room for
> improvement (per Brandon's email).
>
> Cheers,
> -F

Good deal.  I'd love to get JetDirect/IPDS/PPDS under control.  Very
little bugs me more than somebody complaining that I'm wasting their
paper.  Clearly excluding 9100-9107 was a last ditch effort to quell
complainers since no other port is excluded by default...

If anyone out there can point me to a protocol description of
JetDirect/IPDS/PPDS or a packet capture of some of the control
characters of a print job I'd be happy to test things out.

There is a PHP implementation of JetDirect out there somewhere but I
couldn't find the code for it.

My goal is to be able to safely scan printers on their direct printing
port, detect them, and not have any other probes sent to them.  This
will have the advantage of us being able to re-include 9100-9107, not
annoying printer owners, speeding up version detection of these ports,
and not crashing printers.

I've put some time into it but without more information I'm at a loss as
to how I should proceed.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkmncwgACgkQqaGPzAsl94JskgCcDsny+EMbuKJnVz2EJ2ZUro2z
RUMAn0j0ewXhmRwaF2MiC43VAeRTvPHX
=wSy8
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org