Information Needed on these Services

From SecWiki
Jump to: navigation, search

Nmap's Service and Application Version Detection scanning engine (-sV) is built on community contributions. Sometimes, we get contributions that we don't fully understand, or that need more samples to have a complete fingerprint. If you have access to or knowledge of any of the following services, please submit a detailed fingerprint to help improve our database!

Need information

3333/tcp on Netgear routers

Responds to every probe, including NULL (empty packet). Example responses:

  • 0NTP00-00-00MAC00-00-00-00-00-00
  • 4320NTP05:36:19, Apr 15, 2014MAC00-00-00-00-00-00
  • 35NTP00-00-00MAC00-00-00-00-00-00

Need information or more samples

4223/tcp Tinkerforge Brick Daemon (brickd)

We have one sample, but need info on the protocol structure. Other samples (when Brick devices are present -- otherwise replies are empty) would help, too.


10977/tcp NemSLockServer?

This might be Nemetschek SoftLock Server, but we only have the one sample, so we don't know what would make a stable fingerprint. We also aren't sure what the protocol really is. Responds with this to every probe including NULL:

  • \0\0\0\0\xad\?b\x07!\0\0\0a\0\0\x01\xa8\t\*\x1c9\x8d\xdf\x92\xec\xc7T\x02a\x85\x95s\0\rx\n