Home page logo

nmap-dev logo Nmap Development mailing list archives

New tool based on Nmap
From: Olivier Courtay <olivier.courtay () irisa fr>
Date: Mon, 01 Mar 2004 16:20:13 +0100


I have written a tool called Nmap-Stateful based on Nmap code (but Nmap-Stateful is not a part of the official Nmap distribution).

What is Nmap-Stateful :
To do OS fingerprinting, Nmap is able to launch test on open or closed TCP port. Only these states are used. In my tool, before launching packet test, I bring the tested host in the wanted TCP state (Establised or Syn_receive for example).

Tests are easy to write, they are described in a file (you can define your own tests)
Actually in the tarball there is two files of test :
   - a file for compatibility : tests are tests of Nmap
- an example file of test in the SYN_RECV state (there are few fingerprints associated with this file test).

What is the Goals :
- Improve the OS fingerprinting (more state reached => more tests possibles => more accuracy) - Test a TCP/IP stack : we can reach a lot of states and launch strange packets. - Test stateful firewall : if a firewall is in the middle of a connection, we can test what is his reaction with a strange packet in a existing TCP connection.
The tool is still in developpement but it should work.
It works only with Linux 2.4 or 2.6 (because I use Netfilter), portability is possible with the libdnet.

More information: http://home.gna.org/nmapstateful/
Downlaod the tool: http://download.gna.org/nmapstateful/nmap-stateful.tar.bz2

Olivier Courtay

Email : olivier __at__ courtay __dot__ org

For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
  • New tool based on Nmap Olivier Courtay (Mar 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]