Nmap Development mailing list archives
Re: Support for iLO4
From: "Mihai-Radu, Orza" <orzamihai () yahoo com>
Date: Fri, 13 Jul 2012 00:04:51 -0700 (PDT)
Hi Dan, I couldn't find the --service-trace option. I used --version-trace instead. Below is the command output. Regards, Mihai ./nmap -oX - -v -S 192.168.137.25 --exclude 192.168.137.25 -O --version-trace -sT -T Polite -p T:22,T:23,T:513,T:139,T:25 192.168.170.15 WARNING: If -S is being used to fake your source address, you may also have to use -e <interface> and -Pn . If you are using it to specify your real source address, you can ignore this warning. WARNING: -S will only affect the source address used in a connect() scan if you specify one of your own addresses. Use -sS or another raw scan if you want to completely spoof your source address, but then you need to know what you're doing to obtain meaningful results. <?xml version="1.0"?> <?xml-stylesheet href="file:///root/nmap-6.01_dist/bin/../share/nmap/nmap.xsl" type="text/xsl"?> <!-- Nmap 6.01 scan initiated Fri Jul 13 07:00:43 2012 as: ./nmap -oX - -v -S 192.168.137.25 --exclude 192.168.137.25 -O --version-trace -sT -T Polite -p T:22,T:23,T:513,T:139,T:25 192.168.170.15 --> <nmaprun scanner="nmap" args="./nmap -oX - -v -S 192.168.137.25 --exclude 192.168.137.25 -O --version-trace -sT -T Polite -p T:22,T:23,T:513,T:139,T:25 192.168.170.15" start="1342162843" startstr="Fri Jul 13 07:00:43 2012" version="6.01" xmloutputversion="1.04"> <scaninfo type="connect" protocol="tcp" numservices="5" services="22-23,25,139,513"/> <verbose level="1"/> <debugging level="1"/> <taskbegin task="Ping Scan" time="1342162843"/> <taskend task="Ping Scan" time="1342162844" extrainfo="1 total hosts"/> <taskbegin task="Parallel DNS resolution of 1 host." time="1342162844"/> <taskend task="Parallel DNS resolution of 1 host." time="1342162849"/> <taskbegin task="Connect Scan" time="1342162849"/> <taskend task="Connect Scan" time="1342162851" extrainfo="5 total ports"/> <host starttime="1342162843" endtime="1342162871"><status state="up" reason="echo-reply"/> <address addr="192.168.170.15" addrtype="ipv4"/> <hostnames> </hostnames> <ports><port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="0"/><service name="ssh" method="table" conf="3"/></port> <port protocol="tcp" portid="23"><state state="closed" reason="conn-refused" reason_ttl="0"/><service name="telnet" method="table" conf="3"/></port> <port protocol="tcp" portid="25"><state state="closed" reason="conn-refused" reason_ttl="0"/><service name="smtp" method="table" conf="3"/></port> <port protocol="tcp" portid="139"><state state="closed" reason="conn-refused" reason_ttl="0"/><service name="netbios-ssn" method="table" conf="3"/></port> <port protocol="tcp" portid="513"><state state="closed" reason="conn-refused" reason_ttl="0"/><service name="login" method="table" conf="3"/></port> </ports> <os><portused state="open" proto="tcp" portid="22"/> <portused state="closed" proto="tcp" portid="23"/> <portused state="closed" proto="udp" portid="44711"/> <osmatch name="HP iLO 3 remote management interface" accuracy="98" line="23380"> <osclass type="remote management" vendor="HP" osfamily="iLO" osgen="3.X" accuracy="98"><cpe>cpe:/o:hp:ilo:3</cpe></osclass> </osmatch> <osmatch name="Green Hills Probe hardware debugger" accuracy="97" line="20310"> <osclass type="specialized" vendor="Green Hills" osfamily="embedded" accuracy="97"/> </osmatch> <osmatch name="HP printer: Photosmart 4300-, 6500-, 7200-, or 8100-series, or Officejet 6000-series" accuracy="95" line="22150"> <osclass type="printer" vendor="HP" osfamily="embedded" accuracy="95"/> </osmatch> <osmatch name="APC Network Management Card (AOS 3.3.4 - 3.3.5)" accuracy="95" line="2545"> <osclass type="power-device" vendor="APC" osfamily="AOS" osgen="3.X" accuracy="95"><cpe>cpe:/o:apc:aos:3</cpe></osclass> </osmatch> <osmatch name="HP LaserJet M2727nf or P1505n printer" accuracy="95" line="21829"> <osclass type="printer" vendor="HP" osfamily="embedded" accuracy="95"/> </osmatch> <osmatch name="HP printer (M1120n, M1522n, CP1515n, CP2025dn, or CP2525dn)" accuracy="95" line="22104"> <osclass type="printer" vendor="HP" osfamily="embedded" accuracy="95"/> </osmatch> <osmatch name="Blackboard transaction system serial-to-IP converter" accuracy="95" line="6930"> <osclass type="bridge" vendor="Blackboard" osfamily="embedded" accuracy="95"/> </osmatch> <osmatch name="3M Filtrete 3M-50 thermostat; or HP LaserJet CM1415fn or CP1525n printer" accuracy="94" line="1040"> <osclass type="specialized" vendor="3M" osfamily="embedded" accuracy="94"/> <osclass type="printer" vendor="HP" osfamily="embedded" accuracy="94"><cpe>cpe:/h:hp:laserjet_cm1415fn</cpe></osclass> </osmatch> <osmatch name="HP Officejet J4680 printer" accuracy="94" line="21973"> <osclass type="printer" vendor="HP" osfamily="embedded" accuracy="94"/> </osmatch> <osmatch name="HP Officejet J6480 printer" accuracy="94" line="21991"> <osclass type="printer" vendor="HP" osfamily="embedded" accuracy="94"/> </osmatch> <osfingerprint fingerprint="SCAN(V=6.01%E=4%D=7/13%OT=22%CT=23%CU=44711%PV=Y%DS=3%DC=I%G=N%TM=4FFFC7B7%P=x86_64-unknown-linux-gnu)
SEQ(SP=D4%GCD=1%ISR=D9%TI=I%CI=I%II=I%SS=S%TS=A)
OPS(O1=M5B4NW0NNSNNT11%O2=M578NW0NNSNNT11%O3=M280NW0NNT11%O4=M5B4NW0NNSNNT11%O5=M218NW0NNSNNT11%O6=M109NNSNNT11)
WIN(W1=8218%W2=8220%W3=8204%W4=8218%W5=80F4%W6=807A)
ECN(R=Y%DF=Y%T=41%W=832C%O=M5B4NW0NNS%CC=N%Q=)
T1(R=Y%DF=Y%T=41%S=O%A=S+%F=AS%RD=0%Q=)
T2(R=N)
T3(R=N)
T4(R=Y%DF=N%T=41%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T5(R=Y%DF=N%T=41%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=Y%DF=N%T=41%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T7(R=Y%DF=N%T=41%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
U1(R=Y%DF=N%T=100%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)
IE(R=Y%DFI=N%T=100%CD=S)
"/> </os> <uptime seconds="4168" lastboot="Fri Jul 13 05:51:43 2012"/> <distance value="3"/> <tcpsequence index="212" difficulty="Good luck!" values="75A25E12,73A42871,79A62E64,77A80AD1,7DA9AFE7,7BAB8935"/> <ipidsequence class="Incremental" values="118,119,11A,11B,11C,11D"/> <tcptssequence class="1000HZ" values="3F7708,3F7898,3F7A28,3F7BB8,3F7D48,3F7EE2"/> <times srtt="350" rttvar="83" to="400000"/> </host> <runstats><finished time="1342162871" timestr="Fri Jul 13 07:01:11 2012" elapsed="28.47" summary="Nmap done at Fri Jul 13 07:01:11 2012; 1 IP address (1 host up) scanned in 28.47 seconds" exit="success"/><hosts up="1" down="0" total="1"/> </runstats> </nmaprun> ________________________________ From: Daniel Miller <bonsaiviking () gmail com> To: "Mihai-Radu, Orza" <orzamihai () yahoo com> Cc: "nmap-dev () insecure org" <nmap-dev () insecure org> Sent: Thursday, July 12, 2012 7:09 PM Subject: Re: Support for iLO4 On 07/12/2012 09:28 AM, Mihai-Radu, Orza wrote:
Hello, Is there any plan to add support for HP Integrated Lights Out 4 (iLO4) detection in the near future? Nmap version 6.01 sees iLO4 as iLO3. Thanks and regards, Mihai _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Mihai, Can you send exactly what Nmap is printing for this service? I can't find a hard-coded version number for any iLO-related services in nmap-service-fingerprints; most of them pull a version from the server response. The output of a scan with --service-trace would be helpful in creating a fingerprint, too. Dan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Support for iLO4 Mihai-Radu, Orza (Jul 12)
- Re: Support for iLO4 Daniel Miller (Jul 12)
- Re: Support for iLO4 Mihai-Radu, Orza (Jul 13)
- Re: Support for iLO4 David Fifield (Jul 13)
- Re: Support for iLO4 Mihai-Radu, Orza (Jul 13)
- Re: Support for iLO4 Daniel Miller (Jul 12)