Home page logo

Nmap Announce mailing list archives

Re: fooling nmap
From: "The Cyberiad" <cyberiad () cyberus ca>
Date: Fri, 11 Feb 2000 14:21:52 -0500

Fyodor might help with this. But to recognize OS, one would need to do
an nMap scan against the scanning host :) And that topic always brings a
thread that talks about 'legality' of counter-scan, etc, etc :)

The scanning computer's stack will respond to your own computer's
response. Trap _this_ response packet and use the IP and TCP field
information to characterize the scanning computer's OS.  There will 
certainly be less data points to work with and perhaps less information in
this packet than if you initiated a counter-scan of your own.

Has anyone investigated this ?


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]