mailing list archives
Re: Protocol scan with nmap
From: Fyodor <fyodor () insecure org>
Date: Sun, 28 May 2000 15:52:27 -0700 (PDT)
On Sun, 28 May 2000, Gerhard Rieger - privat wrote:
of the IP portocol field, as used for selecting ICMP, TCP, UDP etc. For a year
now I had a perl "proof of concept" implementation; recently I decided to build
this feature into nmap. The result is now finished; I am sending the patch to
Fyodor in the hope that he will accept it for nmap.
That sounds like an extremely cool patch! I probably will add it to Nmap.
When you send it to me, CC the list so they can look it over and try it
out. Hopefully they will send any problems or suggestions to you and I.
which is obviously wrong; Fyodor, nmap does not seem to recognize both
OS fingerprints :-(
It does for me:
amy~#nmap -O -sS 220.127.116.11
[ . . . ]
Remote operating system guess: Solaris 2.6 - 2.7
amy~#nmap -O -sS 18.104.22.168
[ . . . ]
Remote operating system guess: FreeBSD 2.2.1 - 4.0
You aren't scanning through a some sort of NAT or IP masquerading device,
are you? Those can corrupt the fingerprints. If you have a real IP
address with no strange network obstructions between you and the
www.insecure.org machines, run nmap with -d and send me the fingerprints
Fyodor 'finger pgp () pgp insecure org | pgp -fka'
Frustrated by firewalls? Try nmap: http://www.insecure.org/nmap/
"The percentage of users running Windows NT Workstation 4.0 whose PCs
stopped working more than once a month was less than half that of Windows
95 users."-- microsoft.com/ntworkstation/overview/Reliability/Highest.asp