Re: Nmap-2.00 doesn't recognize SSH?

[Robert Ståhlbrand <robert.stahlbrand () ac salcom se>]

This a tough job. You gotta know how every protocol works in detail and figure
out a smart way to make it respond. They are often "UDP-like" but doesn't answer
with ICMP port unreachable.
What could be of interest?
ESP (50)
AH (51)
You might have a chance to trace more things then only listening/not listening
from ESP and AH such as encryption method, mode (agressiv/non-aggressiv), key
handling......just a thought.

/Robert

Lars Marowsky-Brée wrote:

> On 1998-12-17T13:13:51,
>    Robert Ståhlbrand <robert.stahlbrand () ac salcom se> said:
>
> > RFC 1700 covers most known ports but is far from complete. I'm not sure
> > but I think the last time it was updated was october 1994.
> > For example, there are some interesting ports between 802 and 995 which
> > rfc 1700 is not aware of which really is potenital hack stuff. See below:
>
> What you all want to do is to go to IANA and get the list of assigned ports.
>
> What would be interesting for nmap to not only scan TCP/UDP ports, but also
> scan for the reaction for protocols other than 7, 16 and see how the server
> reacts.
>
> Sincerely,
>     Lars Marowsky-Brée
>
> --
> Lars Marowsky-Brée
> Network Management
>
> teuto.net Netzdienste GmbH - DPN Verbund-Partner