RE: NSE issue with shortport

["Thomas Buchanan" <TBuchanan () thecompassgrp net>]

> -----Original Message-----
> From: nmap-dev-bounces () insecure org 
> [mailto:nmap-dev-bounces () insecure org] On Behalf Of Thomas Buchanan
> Sent: Thursday, November 15, 2007 3:13 PM
> To: Matthew Boyle
> Cc: nmap-dev () insecure org
> Subject: RE: NSE issue with shortport
>
> > -----Original Message-----
> > From: nmap-dev-bounces () insecure org 
> > [mailto:nmap-dev-bounces () insecure org] On Behalf Of Matthew Boyle
> > Sent: Thursday, November 15, 2007 2:51 PM
> > To: nmap-dev () insecure org
> > Subject: RE: NSE issue with shortport
> >
> >
> > something like this?
> >
> > it automatically sets the port to have a new reason 
> > ("script-set") when you modify its state.  mostly this is a 
> > lot easier than finding the correct reason_code from the 
> > user's (possibly ambiguous or incorrect) string, but also 
> > because i think this is a more accurate representation of 
> > what happened.  though i suppose we could guess that, say, a 
> > UDP port is being set to "open" because we've received a 
> > udp-response).
>
> It works well in the brief testing I did.  Another scenario 
> to consider
> is when the service / version detection system changes the port state.
> Not sure if something separate from "script-set" would be called for
> there, or as you suggest, it should just use {protocol}-response as a
> reason.
>  


Replying to myself, not a good sign.  The following patch should be
carefully reviewed :)

Here's a quick patch to service_scan.cc to update the port reason when a
port's state is changed due to a response during service detection.

I'm not sure the TCP option is needed (can we have a TCP port whose
state == PORT_OPENFILTERED ?), but it's included for completeness.

Thomas

Attachment: service-reason.patch
Description: service-reason.patch

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org