LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-28-2013, 09:51 PM   #1
ihermit
LQ Newbie
 
Registered: Jan 2013
Location: under the bridge
Distribution: Slackware 14 current
Posts: 14

Rep: Reputation: Disabled
Nmap unknown fingerprint submission howto


I'm very new to nmap, really just playing around, but I keep getting
Code:
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
Here's the fingerprint
Code:
SF-Port1900-TCP:V=6.01%I=7%D=3/28%Time=5154FE07%P=i486-slackware-linux-gnu
SF:%r(GetRequest,10A,"HTTP/1\.0\x20404\x20Not\x20Found\r\nContent-Type:\x2
SF:0text/html\r\nConnection:\x20close\r\nContent-Length:\x20134\r\nServer:
SF:\x20MF60/1\.0\x20UPnP/1\.0\x20miniupnpd/1\.0\r\n\r\n<HTML><HEAD><TITLE>
SF:404\x20Not\x20Found</TITLE></HEAD><BODY><H1>Not\x20Found</H1>The\x20req
SF:uested\x20URL\x20was\x20not\x20found\x20on\x20this\x20server\.</BODY></
SF:HTML>\r\n")%r(GenericLines,117,"\x20501\x20Not\x20Implemented\r\nConten
SF:t-Type:\x20text/html\r\nConnection:\x20close\r\nContent-Length:\x20149\
SF:r\nServer:\x20MF60/1\.0\x20UPnP/1\.0\x20miniupnpd/1\.0\r\n\r\n<HTML><HE
SF:AD><TITLE>501\x20Not\x20Implemented</TITLE></HEAD><BODY><H1>Not\x20Impl
SF:emented</H1>The\x20HTTP\x20Method\x20is\x20not\x20implemented\x20by\x20
SF:this\x20server\.</BODY></HTML>\r\n")%r(HTTPOptions,11F,"HTTP/1\.0\x2050
SF:1\x20Not\x20Implemented\r\nContent-Type:\x20text/html\r\nConnection:\x2
SF:0close\r\nContent-Length:\x20149\r\nServer:\x20MF60/1\.0\x20UPnP/1\.0\x
SF:20miniupnpd/1\.0\r\n\r\n<HTML><HEAD><TITLE>501\x20Not\x20Implemented</T
SF:ITLE></HEAD><BODY><H1>Not\x20Implemented</H1>The\x20HTTP\x20Method\x20i
SF:s\x20not\x20implemented\x20by\x20this\x20server\.</BODY></HTML>\r\n")%r
SF:(RTSPRequest,11F,"RTSP/1\.0\x20501\x20Not\x20Implemented\r\nContent-Typ
SF:e:\x20text/html\r\nConnection:\x20close\r\nContent-Length:\x20149\r\nSe
SF:rver:\x20MF60/1\.0\x20UPnP/1\.0\x20miniupnpd/1\.0\r\n\r\n<HTML><HEAD><T
SF:ITLE>501\x20Not\x20Implemented</TITLE></HEAD><BODY><H1>Not\x20Implement
SF:ed</H1>The\x20HTTP\x20Method\x20is\x20not\x20implemented\x20by\x20this\
SF:x20server\.</BODY></HTML>\r\n")%r(FourOhFourRequest,10A,"HTTP/1\.0\x204
SF:04\x20Not\x20Found\r\nContent-Type:\x20text/html\r\nConnection:\x20clos
SF:e\r\nContent-Length:\x20134\r\nServer:\x20MF60/1\.0\x20UPnP/1\.0\x20min
SF:iupnpd/1\.0\r\n\r\n<HTML><HEAD><TITLE>404\x20Not\x20Found</TITLE></HEAD
SF:><BODY><H1>Not\x20Found</H1>The\x20requested\x20URL\x20was\x20not\x20fo
SF:und\x20on\x20this\x20server\.</BODY></HTML>\r\n")%r(SIPOptions,11E,"SIP
SF:/2\.0\x20501\x20Not\x20Implemented\r\nContent-Type:\x20text/html\r\nCon
SF:nection:\x20close\r\nContent-Length:\x20149\r\nServer:\x20MF60/1\.0\x20
SF:UPnP/1\.0\x20miniupnpd/1\.0\r\n\r\n<HTML><HEAD><TITLE>501\x20Not\x20Imp
SF:lemented</TITLE></HEAD><BODY><H1>Not\x20Implemented</H1>The\x20HTTP\x20
SF:Method\x20is\x20not\x20implemented\x20by\x20this\x20server\.</BODY></HT
SF:ML>\r\n");
I'm not sure how to submit this and don't want to do it wrong.
OS: Linux Slackware 14 -current
wifi : T-Mobile 4G Mobile HotSpot
Firmware Version: BD_MF61V1.0.0B14

I got this fingerprint with :
Code:
nmap -sV --script exploit -d3 --script-trace 192.168.0.1
A little advice in the right direction of how to do this.

Thanks
 
Old 03-29-2013, 02:38 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,953
Blog Entries: 54

Rep: Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732
Quote:
Originally Posted by ihermit View Post
I'm not sure how to submit this and don't want to do it wrong.
AFAIK there isn't any way to do it wrong and as you know the service and version you could dump that information and the scan data as is at the URI mentioned if you would want to. here is a short description about how to test service / version matches first against nmap's local signature files.
 
Old 03-29-2013, 04:07 PM   #3
ihermit
LQ Newbie
 
Registered: Jan 2013
Location: under the bridge
Distribution: Slackware 14 current
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by unSpawn View Post
AFAIK there isn't any way to do it wrong
LOL.

thanks that's what I'll do and hopefully that will be good.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
fingerprint match against collection of previos fingerprint mukesh.methaniya Linux - Software 0 05-22-2011 02:31 AM
nmap ? how do i do nmap in linux ? command not found abbasakhtar Linux - Newbie 2 01-02-2011 01:08 AM
unknown IP addresses showing up in nmap Gortex Linux - Security 19 02-27-2009 08:29 AM
LXer: Learn how to use nmap, and nmap GUI, a great port scan tool LXer Syndicated Linux News 0 01-03-2008 09:10 AM
nmap and service type "unknown" Woodsman Slackware 8 08-26-2006 07:30 PM


All times are GMT -5. The time now is 06:30 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration