Nmap Development mailing list archives
RE: NSE issue with shortport
From: "Thomas Buchanan" <TBuchanan () thecompassgrp net>
Date: Thu, 15 Nov 2007 17:04:53 -0600
-----Original Message----- From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Thomas Buchanan Sent: Thursday, November 15, 2007 3:13 PM To: Matthew Boyle Cc: nmap-dev () insecure org Subject: RE: NSE issue with shortport-----Original Message----- From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Matthew Boyle Sent: Thursday, November 15, 2007 2:51 PM To: nmap-dev () insecure org Subject: RE: NSE issue with shortport something like this? it automatically sets the port to have a new reason ("script-set") when you modify its state. mostly this is a lot easier than finding the correct reason_code from the user's (possibly ambiguous or incorrect) string, but also because i think this is a more accurate representation of what happened. though i suppose we could guess that, say, a UDP port is being set to "open" because we've received a udp-response).It works well in the brief testing I did. Another scenario to consider is when the service / version detection system changes the port state. Not sure if something separate from "script-set" would be called for there, or as you suggest, it should just use {protocol}-response as a reason.
Replying to myself, not a good sign. The following patch should be carefully reviewed :) Here's a quick patch to service_scan.cc to update the port reason when a port's state is changed due to a response during service detection. I'm not sure the TCP option is needed (can we have a TCP port whose state == PORT_OPENFILTERED ?), but it's included for completeness. Thomas
Attachment:
service-reason.patch
Description: service-reason.patch
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NSE issue with shortport Thomas Buchanan (Nov 13)
- Re: NSE issue with shortport Eddie Bell (Nov 14)
- RE: NSE issue with shortport Thomas Buchanan (Nov 14)
- Re: NSE issue with shortport Eddie Bell (Nov 14)
- RE: NSE issue with shortport Thomas Buchanan (Nov 14)
- <Possible follow-ups>
- RE: NSE issue with shortport Matthew Boyle (Nov 15)
- Re: NSE issue with shortport Fyodor (Nov 15)
- RE: NSE issue with shortport Thomas Buchanan (Nov 15)
- RE: NSE issue with shortport Thomas Buchanan (Nov 15)
- Re: NSE issue with shortport Fyodor (Nov 15)
- RE: NSE issue with shortport Thomas Buchanan (Nov 15)
- Re: NSE issue with shortport Fyodor (Nov 15)
- Re: NSE issue with shortport Eddie Bell (Nov 14)