diff --git a/CHANGELOG b/CHANGELOG
index cceb81201..0417a81db 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,7 @@
 # Nmap Changelog ($Id$); -*-text-*-
+o New service probe and match line for DTLS (Datagram TLS, or TLS over UDP).
+
 o Improved some output filtering to remove or escape carriage returns ('\r') that could allow output spoofing by overwriting portions of the screen. Issue reported by Adam Rutherford. [Daniel Miller]
diff --git a/nmap-payloads b/nmap-payloads
index 31caaf4ee..03ed32940 100644
--- a/nmap-payloads
+++ b/nmap-payloads
@@ -81,8 +81,8 @@ udp 427
 # DTLS
 udp 443,4433,4740,5349,5684,6514,6636,10161,10162
- # DTLS 1.2, length 52
- "\x16\xfe\xfd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x36"
+ # DTLS 1.0, length 52
+ "\x16\xfe\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x36"
 # ClientHello, length 40, sequence 0, offset 0
 "\x01\x00\x00\x2a\x00\x00\x00\x00\x00\x00\x00\x2a"
 # DTLS 1.2
diff --git a/nmap-service-probes b/nmap-service-probes
index f2b1e2783..b6d29c6e6 100644
--- a/nmap-service-probes
+++ b/nmap-service-probes
@@ -15018,3 +15018,13 @@ ports 5683
 sslports 5684
 softmatch coap m|^`E|
+
+##############################NEXT PROBE##############################
+# DTLS Client Hello. Dissection available in nmap-payloads
+Probe UDP DTLSSessionReq q|\x16\xfe\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x36\x01\x00\x00\x2a\x00\x00\x00\x00\x00\x00\x00\x2a\xfe\xfd\x00\x00\x00\x00\x7c\x77\x40\x1e\x8a\xc8\x22\xa0\xa0\x18\xff\x93\x08\xca\xac\x0a\x64\x2f\xc9\x22\x64\xbc\x08\xa8\x16\x89\x19\x30\x00\x00\x00\x02\x00\x2f\x01\x00|
+rarity 5
+ports 443,4433,4740,5349,5684,6514,6636,10161,10162
+
+# OpenSSL 1.1.0 s_server -dtls -listen
+# HelloVerifyRequest always uses DTLS 1.1 version, per RFC 6347
+match dtls m|^\x16\xfe\xff\0\0\0\0\0\0\0\0..\x03...\0\0\0\0\0...\xfe\xff.|
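Review bot: The new record-layer comment `# DTLS 1.0, length 52` no longer explains why the record version (`\xfe\xff`) is deliberately lower than the handshake version on the `# DTLS 1.2` line that follows, so the next reader may "fix" one to match the other. Suggest `# Record layer advertises DTLS 1.0 ({254,255}) for interoperability; the ClientHello below carries the real client_version (DTLS 1.2)` — the interoperability rationale is my inference from RFC 6347 and should be confirmed before stating it. The same bytes are duplicated verbatim in the new DTLSSessionReq probe in nmap-service-probes, whose comment points back here for the dissection; a one-line note that the two copies must be kept in sync would save a future drift.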
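Review bot: The comment `# HelloVerifyRequest always uses DTLS 1.1 version, per RFC 6347` is wrong about the version: `\xfe\xff` is {254,255}, which is DTLS 1.0 (DTLS 1.2 is {254,253}), and no DTLS 1.1 exists. RFC 6347 section 4.2.1 says a server SHOULD put version 1.0 in HelloVerifyRequest regardless of the version to be negotiated, so "always" is also stronger than the RFC; suggest `# HelloVerifyRequest carries DTLS 1.0 ({254,255}) regardless of the negotiated version, per RFC 6347 section 4.2.1`. Because the cookie exchange is optional, a server that skips it would answer this ClientHello with a ServerHello (handshake type \x02) or an alert (record type \x15) rather than \x03, and this single match line would not identify it — worth noting in the comment or covering with a second match if such servers are common, which I cannot judge from the hunk.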