Nmap Development mailing list archives
Re: nmap+V
From: "Paul Tod Rieger" <prie () abl com>
Date: Thu, 24 Aug 2000 00:22:03 -0400
Fyodor <fyodor () insecure org> wrote:
> What are others doing? Nessus has mentioned in various announcements that they detect services rather than rely on static port mapping. Has anyone looked into their approach? Sharing service detection mechanisms/scripts with Nessus or other scanners would be a plus.
Appendix A of http://www.nessus.org/doc/nasl.html lists the knowledge base that Nessus can build up. For instance, the key "Services/www" will return the port number of the webserver (0 if none found).
> The syntax needs to be powerful enough to handle the vast majority of protocols. Ideally, it could even handle binary protocols like SMB
The Nessus appendix only lists 19 "Services/*" keys (all ASCII). Still, it's a start.
> Remember, it only needs to be smart enough to detect what protocol is running (and perhaps version). It doesn't need to do any in-depth analysis of the protocol.
Nessus has "bind/version" and seems to do in-depth analysis of ftp and finger. As for version scanning with nmap, I'd like to see banner scanning as well. The regexp parsing leaves out too much information for me. For instance, I not only want to know what version of Sendmail is running but also the hostname and the date; not only what version of Apache is running but also where the root document is (another machine?), when was it last modified, and what exactly is that spammer trying to sell me. :-)
(For my requirements, maybe rain.forest.puppy's "nmap stubs" in Perl would automate nmap (-O, -I, -sR), ftp, binfo, finger, and telnet 80 for me, but the http://www.angio.net/security/rfp link on http://www.insecure.org/nmap/ doesn't seem to work....)
Tod
abl.com
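The trade-off discussed in this message, as an added example that is not part of the original post and is not Nmap or Nessus code: a small banner matcher that identifies the service from what the port says rather than from its number, pulls out named fields such as hostname and date, and always keeps the raw banner. The rule table, field names and sample banners are constructed for illustration.

```python
import re

# Constructed sample banners keyed by port (not captured from real hosts).
SAMPLES = {
    25: b"220 mail.example.test ESMTP Sendmail 8.9.3/8.9.3; Thu, 24 Aug 2000 00:22:03 -0400\r\n",
    80: b"HTTP/1.1 200 OK\r\nServer: Apache/1.3.12 (Unix)\r\nLast-Modified: Mon, 21 Aug 2000 10:00:00 GMT\r\n\r\n",
    2222: b"SSH-1.99-OpenSSH_2.1.1\r\n",   # SSH on a non-standard port
    9999: b"\x00\x01binary-noise",          # matches no rule
}

# Hypothetical rule table: (service, pattern). Specific rules come first,
# generic fallbacks for the same protocol after them.
RULES = [
    ("smtp", re.compile(rb"^220[ -](?P<hostname>\S+) ESMTP Sendmail (?P<version>[^;\s]+); (?P<date>[^\r\n]+)")),
    ("smtp", re.compile(rb"^220[ -](?P<hostname>\S+) .*SMTP")),
    ("http", re.compile(rb"^HTTP/1\.[01] \d{3}.*?^Server: (?P<product>[^/\s]+)/(?P<version>\S+)", re.S | re.M)),
    ("http", re.compile(rb"^HTTP/1\.[01] \d{3}")),
    ("ssh", re.compile(rb"^SSH-(?P<protocol>[\d.]+)-(?P<version>[^\r\n]+)")),
]

def identify(banner: bytes) -> dict:
    """Return the detected service, every named field, and the untouched banner."""
    for service, pattern in RULES:
        m = pattern.match(banner)
        if m:
            fields = {k: v.decode("latin-1") for k, v in m.groupdict().items() if v is not None}
            return {"service": service, "fields": fields, "banner": banner}
    # Unknown protocols still keep their raw bytes for later inspection.
    return {"service": "unknown", "fields": {}, "banner": banner}

def scan_samples() -> dict:
    """Run the matcher over the constructed banners above."""
    return {port: identify(data) for port, data in SAMPLES.items()}

if __name__ == "__main__":
    for port, result in scan_samples().items():
        print(port, result["service"], result["fields"], repr(result["banner"][:40]))
```

Keeping the raw banner next to the parsed fields means a rule that extracts too little loses nothing; headers such as Last-Modified remain available in `banner` even though no rule names them.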