Home page logo
/

Nmap Announce mailing list archives

Re: Protocol scan with nmap
From: Fyodor <fyodor () insecure org>
Date: Sun, 28 May 2000 15:52:27 -0700 (PDT)

On Sun, 28 May 2000, Gerhard Rieger - privat wrote:

of the IP portocol field, as used for selecting ICMP, TCP, UDP etc. For a year
now I had a perl "proof of concept" implementation; recently I decided to build
this feature into nmap. The result is now finished; I am sending the patch to
Fyodor in the hope that he will accept it for nmap.

That sounds like an extremely cool patch!  I probably will add it to Nmap.  
When you send it to me, CC the list so they can look it over and try it
out.  Hopefully they will send any problems or suggestions to you and I.

which is obviously wrong; Fyodor, nmap does not seem to recognize both
OS fingerprints :-(

It does for me:

amy~#nmap -O -sS 216.218.218.233
[ . . . ]
Remote operating system guess: Solaris 2.6 - 2.7

amy~#nmap -O -sS 207.69.138.68
[ . . . ]
Remote operating system guess: FreeBSD 2.2.1 - 4.0

You aren't scanning through a some sort of NAT or IP masquerading device,
are you?  Those can corrupt the fingerprints.  If you have a real IP
address with no strange network obstructions between you and the
www.insecure.org machines, run nmap with -d and send me the fingerprints
it produces.

Cheers,
Fyodor



--
Fyodor                            'finger pgp () pgp insecure org | pgp -fka'
Frustrated by firewalls?          Try nmap: http://www.insecure.org/nmap/
"The percentage of users running Windows NT Workstation 4.0 whose PCs
 stopped working more than once a month was less than half that of Windows 
 95 users."-- microsoft.com/ntworkstation/overview/Reliability/Highest.asp




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]