Home page logo
/

bugtraq logo Bugtraq mailing list archives

Xprobe2 0.2rc1 release, white paper release, and Blackhat presentation availability
From: Ofir Arkin <ofir () sys-security com>
Date: Thu, 7 Aug 2003 22:08:49 +0300

We are pleased to announce the immediate availability of Xprobe2 v0.2 rc1, which has been officially released at the Blackhat briefings USA 2003.

Xprobe2 is a remote active operating system fingerprinting tool with a different approach to operating system fingerprinting. Information on Xprobe2’s technology can be obtained from [1] and [2].

The new version of Xprobe2 introduces enhancements and advancements in Xprobe2’s development.

Xprobe2 now includes:

- A TCP fingerprinting module (among the other fingerprinting modules the tool uses)
- A Port Scanner
- An automatic receive timeout for Xprobe2's different modules
- The ability to completely control the tool’s operation
- A newly built signature database with over 160 signatures
- And other enhancements and fixes

Xprobe2 is more accurate then ever before, and the only active operating system fingerprinting tool, which is able to uniquely identify Microsoft Windows 2000 Server SP3, Microsoft Windows 2000 Server SP4, Microsoft Windows 2003 Server Enterprise Edition, and Microsoft Windows 2003 Standard Edition.

The source code of Xprobe2 v0.2 rc1 can be found at:
http://www.sys-security.com/archive/tools/xprobe2/xprobe2-0.2rc1.tar.gz

MD5: e97cf2f230408a1ade8a6769125159f3
SHA1: 63ab6bdf0f6869d8c51dc0d372a43d373c1043bd


Xprobe2’s new version release is accompanied by a white paper titled: “The Present and Future of Xprobe2 – The Next Generation of Active Operating System Fingerprinting”. The white paper includes a detailed description of the tool’s new features as well as a future development plan and many examples for the tool usage.

The white paper can be downloaded from:
http://www.sys-security.com/archive/papers/Present_and_Future_Xprobe2- v1.0.pdf


The presentation given at Blackhat USA 2003 and at Defcon 11 is available from: http://www.sys-security.com/archive/blackhat/USA2003/ Ofir_Arkin_BH_USA_2003_v1.0.1.zip [~2.3mb] http://www.sys-security.com/archive/blackhat/USA2003/ Ofir_Arkin_BH_USA_2003_v1.0.1.ppt [~3.3mb]



Yours
Xprobe2 development team,

Ofir Arkin [ofir () sys-security com]
Founder
The Sys-Security Group
http://www.sys-security.com
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA


Fyodor Yarochkin [fygrave () tigerteam net]


Meder Kydyraliev [Meder () areopag net]



[1] http://www.sys-security.com/html/projects/X.html
[2] “xprobe2 - A 'Fuzzy' Approach to Remote Active Operating System Fingerprinting”, Ofir Arkin & Fyodor Yarochkin, August 2002, http://www.sys-security.com/archive/papers/Xprobe2.pdf


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]