Nmap Development mailing list archives
Re: some ssl version scanning not working
From: David Fifield <david () bamsoftware com>
Date: Sat, 1 Jan 2011 17:20:10 -0800
On Fri, Dec 31, 2010 at 03:14:13AM -0500, Matt Selsky wrote:
I'm having trouble scanning some SSL services (Oracle Enterprise Manager agents in this case) that used to work. I'm running svn trunk... $ ./nmap --datadir . -sV -p3872 -d angelica Starting Nmap 5.36TEST3 ( http://nmap.org ) at 2010-12-31 02:58 EST --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 min-rate: 0, max-rate: 0 --------------------------------------------- NSE: Loaded 8 scripts for scanning. Initiating Ping Scan at 02:58 Scanning angelica (10.59.213.70) [2 ports] Completed Ping Scan at 02:58, 0.00s elapsed (1 total hosts) Overall sending rates: 2980.63 packets / s. mass_rdns: Using DNS server 10.59.59.70 mass_rdns: Using DNS server 10.59.62.10 Initiating Parallel DNS resolution of 1 host. at 02:58 mass_rdns: 0.01s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1] Completed Parallel DNS resolution of 1 host. at 02:58, 0.01s elapsed DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 2, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0] Initiating Connect Scan at 02:58 Scanning angelica (10.59.213.70) [1 port] Discovered open port 3872/tcp on 128.59.213.70 Completed Connect Scan at 02:58, 0.00s elapsed (1 total ports) Overall sending rates: 1396.65 packets / s. Initiating Service scan at 02:58 Scanning 1 service on angelica (10.59.213.70) Got nsock CONNECT response with status ERROR - aborting this service
Do you think this is the same error you were getting with ssl-cert.nse? http://seclists.org/nmap-dev/2010/q4/71 It would be a big help if you can identify a revision when this started happening. You can revert your whole working directory plus externals to a previous revision XXXXX with $ svn update --ignore-externals -rXXXXX . nbase ncat nsock nping zenmap Then configure and make as usual. I would normally go back by thousands until the behavior changes and then do binary search. Something else you can do is look at CHANGELOG for release dates and then feed them as revision specifiers. For example, with Nmap 5.35DC1 [2010-07-16] you would do $ svn update --ignore-externals -r{2010-07-16} . nbase ncat nsock nping zenmap Updated to revision 18863. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: some ssl version scanning not working David Fifield (Jan 01)
- Re: some ssl version scanning not working Matt Selsky (Jan 03)
- Re: some ssl version scanning not working David Fifield (Jan 03)
- Re: some ssl version scanning not working Matt Selsky (Jan 23)
- Re: some ssl version scanning not working [patch] Matt Selsky (Jan 23)
- Re: some ssl version scanning not working David Fifield (Jan 03)
- Re: some ssl version scanning not working Matt Selsky (Jan 03)