Home page logo

Nmap Announce mailing list archives

fooling nmap
From: "Bep Verberk" <verberk () nortelnetworks com>
Date: Thu, 10 Feb 2000 08:49:56 -0500

Its easy to do a custom hack to fool nmap, but its "custom", its on my
few boxes alone.

I would not like to see nmap evolving to work around every possible customization that
comes along - unless of course a particular little trick becomes widespread - but then it
actually becomes a useful fingerprint.

IMHO the preferred approach is  continued addition of ways to customize and randomize
scans, so that the scanning itself does not have a predictable fingerprint.

BTW, anyone working on an ID  tool that fingerprints nmap ?  Something that
would identify an nmap scan, the type of scan, the version of nmap, the OS the
scan was run from, etc.

Bep Verberk
verberk () nortelnetworks com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]