Nmap Development mailing list archives
Re: [NSE] ProConOS and PC Worx
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 24 Feb 2015 07:52:43 -0600
Stephen, These simple scripts are great contributions. The biggest improvement to how Nmap handles these services, however, would be to have service fingerprints in nmap-service-probes to identify the services if possible. Since you are making these "version" category scripts, the most likely way people will run them will be via the -sV option, which means that Nmap will send a barrage of inappropriate probes to the service trying to match a response. You know as well or better than anyone how hazardous that could be against industrial equipment :). If we have a matchline (or even a softmatch to identify the protocol) in nmap-service-probes, then Nmap will stop probing at that point. This speeds up scan times considerably, and avoids sending "bad" data to known services. Do you have examples of service fingerprints that Nmap prints for these services when you run with -sV? Or with -sV --version-all? Thanks. Dan On Thu, Feb 12, 2015 at 2:16 PM, Stephen Hilt <hilt () digitalbond com> wrote:
Hello, Here are two new NSEs aimed to help identify ProConOS/MultiProg enabled PLCs as well as Phoenix Contact PLCs that support the PC Worx. Please consider these for inclusion into Nmap scripts. https://github.com/digitalbond/Redpoint/blob/master/proconos-info.nse https://github.com/digitalbond/Redpoint/blob/master/pcworx-info.nse Stephen Hilt CISSP, C|EH, CPT 423.402.0936 hilt () digitalbond com @sjhilt _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] ProConOS and PC Worx Stephen Hilt (Feb 12)
- Re: [NSE] ProConOS and PC Worx Daniel Miller (Feb 24)
- Re: [NSE] ProConOS and PC Worx Stephen Hilt (Mar 07)
- Re: [NSE] ProConOS and PC Worx Daniel Miller (Feb 24)