Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nmap Gets Version Detection

Posted by CmdrTaco on from the dropping-your-pants dept.

Anonymous Coward writes "Up until now, everyone's favorite port scanner, nmap has had decent OS detection (through TCP fingerprinting) and service identification based on the open port, but the latest version, 3.45 released today, has version detection for each service! This means not only can nmap tell you that httpd is running on port 80, but that it is `apache httpd version 2.0.39`! While this is a little bit worrisome because of what malicious purposes people might use nmap's version detection for, this should make the jobs of admins everywhere easier and keep us all more on our toes when it comes to security. Fyodor has also published a paper on how the version detection works."

10 of 172 comments (clear)

  1. Kent Brockman by Anonymous Coward · · Score: 1, Funny

    I, for one, welcome our new version detecting port scanning overlords.

  2. nmap malicious? by Improv · · Score: 4, Funny

    Gosh, who could possibly imagine that, with the
    addition of version detection, the most 'white hat'
    tool out there that could never possibly be used for
    anything bad suddenly becomes a 'black hat' tool..
    It's a complete 180!

    --
    For every problem, there is at least one solution that is simple, neat, and wrong.
  3. Great by essdodson · · Score: 3, Funny

    This, on top of it being in the matrix will have every pimply 13 year old trying to haxor the gibson.

    --
    scott
    1. Re:Great by Cyclopedian · · Score: 0, Funny
      "They're into the Kernel!" - Former Gibson System Administrator.

      Seriously, Hackers is one of my favorite movies to mock due to all of the insanely inaccurate lines.

      -Cyc

      --
      /.'s 10 Millionth
  4. Why OS detection? by thorgil · · Score: 1, Funny

    - Ok... Why OS detection? Don't you know what OS you run? ;-)

    --
    Warning: This sig contains a small bug. ==> *
  5. Just out of curiousity... by Gandhian_Rage · · Score: 2, Funny

    Does this make it easier for fyodor to listen for an open X11 server?

  6. leet by grub · · Score: 4, Funny
    Cool! That version detection works!
    Starting nmap V. 3.45 ( www.insecure.org/nmap/ )
    Interesting ports on test.grub.net (10.0.1.24):

    Port State Service Version
    22/tcp open ssh (c) SCO
    80/tcp open http (c) SCO
    443/tcp open https (c) SCO
    --
    Trolling is a art,
  7. one possible upside by *weasel · · Score: 1, Funny


    if this works into the script kiddies stock toolbox, then maybe they'll stop pounding my damn web server looking for backdoors that are 2 major OS versions old.

    or maybe i should finally break down and write that script to fire off an auto-email to the administration contact each time some zombie comes knocking.

    --
    // "Can't clowns and pirates just -try- to get along?"
  8. Re:Catch it the same way as the rest by Anonymous Coward · · Score: 0, Funny

    *Notifies admins*.

  9. hats off to fyodor.... by ziggy_zero · · Score: 2, Funny

    ....did you know he drives a bimmer? I saw him on the road in Sunnyvale a few weeks ago - his license plate is ROOOOT. hahahaha

    (seriously, i'm not making this up. i e-mailed him because he also had an insecure.org license plate holder so that kind of tipped me off. lo and behold, it was him.)

    --
    I belong to the ______ generation.