Home page logo
/

Nmap Announce mailing list archives

Re: fooling nmap
From: Lance Spitzner <lance () ksni net>
Date: Thu, 10 Feb 2000 18:16:25 -0600 (CST)

On Thu, 10 Feb 2000, Bep Verberk wrote:

BTW, anyone working on an ID  tool that fingerprints nmap ?  Something that
would identify an nmap scan, the type of scan, the version of nmap, the OS the
scan was run from, etc.

Marty Roesch and Fyodor are competing on this one.  Marty develops a signature
for snort, Fyodor defeats it.  It all depends who has the lead in the arms
race.  By the way, snort is a handly little IDS/sniffer utility, you can find
it at 

http://www.clark.net/~roesch/security.html

for the latest signatures (including nmap), check out

http://www.whitehats.com

Lance Spitzner
http://www.enteract.com/~lspitz/papers.html



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]