# This list of protocols is distributed with the  -*- mode: fundamental; -*-
# Nmap Security Scanner ( http://www.insecure.org/nmap/ )
#
# This list is based on IEEE data at
# http://www.iana.org/assignments/protocol-numbers and was last updated
# by Fyodor on January 26, 2006
hopopt            0  # IPv6 Hop-by-Hop Option
icmp              1  # Internet Control Message
igmp              2  # Internet Group Management
ggp               3  # Gateway-to-Gateway
ip                4  # IP in IP (encapsulation)
st                5  # Stream
tcp               6  # Transmission Control
cbt               7  # CBT
egp               8  # Exterior Gateway Protocol
igp               9  # any private interior gateway (
bbn-rcc-mon      10  # BBN RCC Monitoring
nvp-ii           11  # Network Voice Protocol
pup              12  # PUP
argus            13  # ARGUS
emcon            14  # EMCON
xnet             15  # Cross Net Debugger
chaos            16  # Chaos
udp              17  # User Datagram
mux              18  # Multiplexing
dcn-meas         19  # DCN Measurement Subsystems
hmp              20  # Host Monitoring
prm              21  # Packet Radio Measurement
xns-idp          22  # XEROX NS IDP
trunk-1          23  # Trunk-1
trunk-2          24  # Trunk-2
leaf-1           25  # Leaf-1
leaf-2           26  # Leaf-2
rdp              27  # Reliable Data Protocol
irtp             28  # Internet Reliable Transaction
iso-tp4          29  # ISO Transport Protocol Class 4
netblt           30  # Bulk Data Transfer Protocol
mfe-nsp          31  # MFE Network Services Protocol
merit-inp        32  # MERIT Internodal Protocol
dccp             33  # Datagram Congestion Control Protocol
3pc              34  # Third Party Connect Protocol
idpr             35  # Inter-Domain Policy Routing Protocol
xtp              36  # XTP
ddp              37  # Datagram Delivery Protocol
idpr-cmtp        38  # IDPR Control Message Transport Proto
tp++             39  # TP+
il               40  # IL Transport Protocol
ipv6             41  # Ipv6
sdrp             42  # Source Demand Routing Protocol
ipv6-route       43  # Routing Header for IPv6
ipv6-frag        44  # Fragment Header for IPv6
idrp             45  # Inter-Domain Routing Protocol
rsvp             46  # Reservation Protocol
gre              47  # General Routing Encapsulation
mhrp             48  # Mobile Host Routing Protocol
bna              49  # BNA
esp              50  # Encap Security Payload
ah               51  # Authentication Header
i-nlsp           52  # Integrated Net Layer Security  TUBA
swipe            53  # IP with Encryption
narp             54  # NBMA Address Resolution Protocol
mobile           55  # IP Mobility
tlsp             56  # Transport Layer Security Protocol using Kryptonet key management
skip             57  # SKIP
ipv6-icmp        58  # ICMP for IPv6
ipv6-nonxt       59  # No Next Header for IPv6
ipv6-opts        60  # Destination Options for IPv6
anyhost          61  # any host internal protocol
cftp             62  # CFTP
anylocalnet      63  # any local network
sat-expak        64  # SATNET and Backroom EXPAK
kryptolan        65  # Kryptolan
rvd              66  # MIT Remote Virtual Disk Protocol
ippc             67  # Internet Pluribus Packet Core
anydistribfs     68  # any distributed file system
sat-mon          69  # SATNET Monitoring
visa             70  # VISA Protocol
ipcv             71  # Internet Packet Core Utility
cpnx             72  # Computer Protocol Network Executive
cphb             73  # Computer Protocol Heart Beat
wsn              74  # Wang Span Network
pvp              75  # Packet Video Protocol
br-sat-mon       76  # Backroom SATNET Monitoring
sun-nd           77  # SUN ND PROTOCOL-Temporary
wb-mon           78  # WIDEBAND Monitoring
wb-expak         79  # WIDEBAND EXPAK
iso-ip           80  # ISO Internet Protocol
vmtp             81  # VMTP
secure-vmtp      82  # SECURE-VMTP
vines            83  # VINES
ttp              84  # TTP
nsfnet-igp       85  # NSFNET-IGP
dgp              86  # Dissimilar Gateway Protocol
tcf              87  # TCF
eigrp            88  # EIGRP
ospfigp          89  # OSPFIGP
sprite-rpc       90  # Sprite RPC Protocol
larp             91  # Locus Address Resolution Protocol
mtp              92  # Multicast Transport Protocol
ax.25            93  # AX.
ipip             94  # IP-within-IP Encapsulation Protocol
mi           48  landesk-rc m|^\0\x04\0| p/Novell Zen Remote Desktop/ v/4.0.X/
# 6.5.14
match landesk-rc m|^\0\x06\x05| p/Novell Zen Remote Desktop/ v/6.5.X/

match landesk-rc m|^TNMP.\0\0\0TNME.\0\0\0USER.\x07\x04\0\x08\0.{9}\0P\0\x03\0U\0\xff\xff\0.*Desktop Manager ([\d.]+)\0|s p/LANDesk RC/ v/$1/


##############################NEXT PROBE##############################
Probe TCP TerminalServer q|\x03\0\0\x0b\x06\xe0\0\0\0\0\0|
rarity 6
ports 515,1028,1068,1503,1720,2040,3389
# \x03 is queue status command for LPD service.  Should be terminated
# by \n, but apparently some dumb lpds allow \0.  For now I will keep
# 515 in the common ports line, I suppose
match printer m/^no entries\n$/ p/Xerox LPD/ d/printer/
match printer m|^ActiveFax Server: There are \d+ entries in the Faxlist\r\n| p/ActiveFax LPD/

# Windows 2000 Server
# Windows 2000 Advanced Server
# Windows XP Professional
match microsoft-rdp m|^\x03\0\0\x0b\x06\xd0\0\0\x12.\0$|s p|Microsoft Terminal Service| o|Windows|
match microsoft-rdp m|^\x03\0\0\x17\x08\x02\0\0Z~\0\x0b\x05\x05@\x06\0\x08\x91J\0\x02X$| p/Microsoft Terminal Service/ i/Used with Netmeeting, Remote Desktop, Remote Assistance/ o/Windows/
match teleconf m|^\x03\0\0\x11\x08\x02..}\x08\x03\0\0\xdf\x14\x01\x01$|s p/Microsoft NetMeeting Remote Desktop Service/ o/Windows/
match teleconf m|^\x03\0\0\x0b\x06\xd0\0\0\x03.\0$| p/Microsoft NetMeeting Remote Desktop Service/ o/Windows/
match teleconf-proxy m|^nmproxy: Procotol byte is not 8\n$| p/nmproxy NetMeeting proxy/
match trillian m|^.\0\x01.....\0([^\0]+)\0|s p/Trillian MSN Module/ i/Name $1/ o/Windows/

# Netware Create Connection Service request
##############################NEXT PROBE##############################
Probe TCP NCP q|\x44\x6d\x64\x54\0\0\0\x17\0\0\0\x01\0\0\0\0\x11\x11\0\xff\x01\xff\x13|
rarity 6
ports 524,6802
# Netware 5 and 6
# NCP "OK" reply
match ncp m|^\x74\x4e\x63\x50\0\0\0\x10\x33\x33| p/Novell