Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

operating system identification
From: Jan Werner <xian () mat uni torun pl>
Date: Wed, 9 Jul 2003 14:26:15 +0200 (CEST)
Hi
I'm new to this group so I'm bit stressed.
Problem description:
I've recently worked with iptables to block some packets used by nmap to
fingerprint os'es. I used iptables with match unclean to block some
packets incoming. It worked well to block packets used in test 2,3,7 and
after some tweaking test 1. Responses to other test were succesfuly
gathered. What's strange that nmap tries again all the tests not only
unsusccesful it's bit weird - I went through sources (mostly osscan.cc )
in nmap v3.30 and thought it shouldn't. It would be nice if only failed
probes would retry. Dunno what's happening.
I can provide gathered information ( nmap -vv -d2  and packet dumps in
pcap format) if someone is interested.
greetings
xian


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

  By Date           By Thread  

Current thread:
  • operating system identification Jan Werner (Jul 09)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]