Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Can not get version of Oracle via nmap.

From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 6 Mar 2011 04:00:37 +0100

On Mar 1, 2011, at 07:25 , Verde Denim wrote:


On Tue, Mar 1, 2011 at 1:19 AM, Patrik Karlsson <patrik () cqure net> wrote:



On Feb 28, 2011, at 12:18 , <kim700620 () yahoo co jp> wrote:


Hello,

I'm trying to discover Oracle11gR2 using Nmap.
and can not get the version of it.
The following is my environment.

Nmap version: 5.51
OS: Windows Server 2003 SP2/Windows XP professional
Target DB1: Oracle11gR1 on Windows Server 2008 SP1
Target DB2: Oracle11gR2 on Windows Server 2008 R2
Command: nmap -sV -p 1521 <IP address>

And the result of my scan is:
[Target DB1]
Nmap scan report for <IP address>
Host is up (0.00s latency).
PORT     STATE SERVICE    VERSION
1521/tcp open  oracle-tns Oracle TNS Listener 11.1.0.7.0 (for 32-bit

Windows)

MAC Address: **:**:**:**:**:** (Microsoft)
[Target DB2]
Nmap scan report for <IP address>
Host is up (0.00s latency).
PORT     STATE SERVICE    VERSION
1521/tcp open  oracle-tns Oracle TNS Listener
MAC Address: **:**:**:**:**:** (Microsoft)

Both of the database service and listener are running and I can connect

to the database from a remote machine.

I wonder if this is a bug.
Or if not, is there any other setting I should to do?

Thanks in advance.

                                                &nbsp; Yours sencially.
                                                &nbsp; Melanie Kim

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/



Hi Kim,

I can confirm that the version detection isn't working with my Oracle 11gR2
either.
I will look into it and get back to you, once I figure out the problem.

Regards,
Patrik



Pat - Isn't the information about the version usually available through the
banner? If the banner broadcast is turned off, you wouldn't see it in that
case.
I haven't installed R2, but I feel like Oracle would probably turn that off
as a default by now.

Jack


Starting with Oracle 11gR2 it appears it's no longer possible to query the TNS listener using the version command 
remotely.
This is essentially what Nmap's using in order to fingerprint the version.
I'm not sure if there's another way around this yet, but I'll let you know if I do.

//Patrik
--
Patrik Karlsson
http://www.cqure.net
http://www.twitter.com/nevdull77

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: