Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Development: Re: Helping NMap Get Better OS Detection

Re: Helping NMap Get Better OS Detection

From: MadHat <madhat_at_unspecific.com>
Date: Thu, 8 Apr 2004 21:33:11 -0500

On Apr 8, 2004, at 8:24 PM, Alan S. Jones wrote:
> I should qualify based on the previous comment, a "report back all"
> type
> parameter for an IP address might be a nice parameter to gather
> detailed
> info and get hardware/os signatures on equipment.
>
> I don't think nmap was reporting MAC addresses and I figured it could
> do
> that also.

You can only report the MAC if it is on the local network. If it has
to get past switches into another subnet, the MAC is not included. The
only way I know around this is to use some protocols that report the
MAC, the main one being NetBIOS and the nbtstat packets on udp/137, but
without that there is little you can do to get the MAC from a distance.

>
>
>
>> Date: Mon, 05 Apr 2004 21:23:53 -0500
>> To: nmap-dev_at_insecure.org
>> From: "Alan S. Jones" <asj_at_ipa.net>
>> Subject: Helping NMap Get Better OS Detection
>>
>>
>> I was wondering does in NMap have a scan setting that says tell me all
>> about this device from the perspective that if we captured that data
>> we
>> could send it in to be included in future NMap releases?
>>
>> For example today I had Nmap scan our Sharp copier/printer and it
>> reported
>> it as an Okidata printer. So a future version could say Sharp or
>> Okidata
> etc?
>>
>> I have often wondered though as the scanning process gets better if
>> you had
>> two boxes like two printers that normally might be reported as the
>> same if
>> in the future they could be reported as being different if we could
>> get
>> enough details into NMap's database.
>>
>> On a side note will we see a final binary of NMap 3.51 etc anytime
>> soon?
>>
>> Keep up the good work.
>>
>> Alan
>>
>>
>>
>>
>>
>
>
> --
> Alan S. Jones
> asj_at_ipa.net
> http://users.ipa.net/~asj
>
>
> ---------------------------------------------------------------------
> For help using this (nmap-dev) mailing list, send a blank email to
> nmap-dev-help@insecure.org . List archive: http://seclists.org
>
>

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help@insecure.org . List archive: http://seclists.org
Received on Apr 09 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]