Slashdot Mirror


Nmap Gets Version Detection

Anonymous Coward writes "Up until now, everyone's favorite port scanner, nmap has had decent OS detection (through TCP fingerprinting) and service identification based on the open port, but the latest version, 3.45 released today, has version detection for each service! This means not only can nmap tell you that httpd is running on port 80, but that it is `apache httpd version 2.0.39`! While this is a little bit worrisome because of what malicious purposes people might use nmap's version detection for, this should make the jobs of admins everywhere easier and keep us all more on our toes when it comes to security. Fyodor has also published a paper on how the version detection works."

2 of 172 comments (clear)

  1. nmap malicious? by Improv · · Score: 4, Funny

    Gosh, who could possibly imagine that, with the
    addition of version detection, the most 'white hat'
    tool out there that could never possibly be used for
    anything bad suddenly becomes a 'black hat' tool..
    It's a complete 180!

    --
    For every problem, there is at least one solution that is simple, neat, and wrong.
  2. leet by grub · · Score: 4, Funny
    Cool! That version detection works!
    Starting nmap V. 3.45 ( www.insecure.org/nmap/ )
    Interesting ports on test.grub.net (10.0.1.24):

    Port State Service Version
    22/tcp open ssh (c) SCO
    80/tcp open http (c) SCO
    443/tcp open https (c) SCO
    --
    Trolling is a art,