Nmap Development mailing list archives
Re: Problem/bug in nmap documentation?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 24 Sep 2018 15:42:32 -0500
Anders, Thanks for asking about this. When Nmap misidentifies a service, there's no way to get it to print the full service fingerprint. Even if there were, there's not much point because it usually would only contain the one string that matched the existing match line. The --version-trace option is what shows what probes were sent and what was received and what match line was matched. The other options are included to get more information about the target in case it is relevant to identifying the service. All together, this is usually enough information to update an existing match line. The problem of identifying lower layers instead of upper applications is a tricky one. We generally prefer to identify the underlying software and only put higher-level info in the extra-info field if it is shown at all (e.g. identify Apache httpd, but do not identify WordPress). But there are always exceptions. When we see your submission, we'll be able to make a better determination. And of course you can include more information than is requested if you feel it would be helpful. Dan On Mon, Sep 24, 2018 at 3:34 PM Anders Thulin <anders () thulin name> wrote:
I've discovered what I think is a mis-identification of a service (latest nmap, Linux platform). Nmap does identify a lower-level component used for the service, but not the actual service. (This is not the bug; it's where I started.) I've searched around, but not found any other recommendation for submitting corrections/additions than that on the 'Community contributions' page (https://nmap.org/book/vscan-community.html), where it says "Run the command nmap -O -Pn -sSV -T4 -d --version-trace -p<port> <target>, where <port> is the port running the misidentified service on the <target> host." followed by a pointer to the standard submit page. However, that command does _not_ produce a service version fingerprint, so there's nothing to submit. (I can only assume it worked at one time, but since has changed no non-working state.) It does provide a os fingerprint, but that's That's the bug: the command does not work as stated. Next ... how do I produce the necessary service fingerprint for submission? regards, -- /A. Thulin _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Problem/bug in nmap documentation? Anders Thulin (Sep 24)
- Re: Problem/bug in nmap documentation? Daniel Miller (Sep 24)