Nmap Development mailing list archives

Re: [NSE] Lotus Domino httpd version

From: Jesper Kückelhahn <dev.kyckel () gmail com>
Date: Mon, 28 Jan 2013 18:42:06 +0100

Hi David,

I thought a bit more about this, and might it be more useful to generalise this script to extract versions of different 
web / application servers? This could be a very small list compared to http-fingerprints, including only pages that 
could be used for version extraction. Domino, Tomcat, Sharepoint, Apache httpd, JBoss AS, Glassfish, WebLogic, 
WebSphere, .Net, etc could be potential candidates for this list.

What is the rule of thumb for default version detection scripts in regards to http traffic, and net traffic in general ?


- Jesper


On Jan 28, 2013, at 4:15 AM, David Fifield <david () bamsoftware com> wrote:

On Sun, Jan 20, 2013 at 12:14:15AM +0100, Jesper Kückelhahn wrote:

I've written a script that tries to improve the version detection of Lotus
Domino httpd services.

This could probably be included in http-fingerprints.lua, but I thought it
might be more advantages to have it run as a version script. If this is not
the case, I'll add the checks to the 'http-fingerprints' instead.


I think I agree, please rework this into a patch against
http-fingerprints.

David Fifield


_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] Lotus Domino httpd version Jesper Kückelhahn (Jan 19)
- Re: [NSE] Lotus Domino httpd version David Fifield (Jan 27)
  - Re: [NSE] Lotus Domino httpd version Jesper Kückelhahn (Jan 28)
    - Re: [NSE] Lotus Domino httpd version David Fifield (Jan 28)
    - Message not available
    - Message not available
    - Message not available
    - Re: [NSE] Lotus Domino httpd version David Fifield (Jan 29)
    - Re: [NSE] Lotus Domino httpd version Jesper Kückelhahn (Jan 30)
    - Re: [NSE] Lotus Domino httpd version David Fifield (Jan 30)