Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: nmap and a new idea
From: Fyodor <fyodor () insecure org>
Date: Mon, 8 Mar 2004 00:28:47 -0800

On Mon, Mar 08, 2004 at 12:36:44AM -0700, Dual Mobius wrote:

Xprobe2 uses a simple "fuzzy logic" system where the scores for tests are 
summed and then the results are sorted in descending order.

Nmap has actually had this feature for much longer than Xprobe2 has
existed.  I added the option in August of 2000 (version 2.53BETA3),
but I haven't gotten around to documenting it yet :).  So I don't
blame you for missing it.  Next time Nmap tells you "no matches
found", try again with the --fuzzy (or, equivalently, --osscan_guess)
option and Nmap will give you a reverse-sorted list of the closest

I will soon update Nmap to guess in more situations, even if you don't
specify --fuzzy .  That will reduce the need for --fuzzy to the extent
that I may never even need to document it.

The reason I kept this option secret was that I considered a wrong
guess to be worse than no guesses at all.  So Nmap only printed
results when every single test matched a signature.  After all,
Xprobe2 is guessing in your example and look how wrong it is.  But I
now consider guessing OK as long as Nmap is very explicit that this is
less certain than its normal OS guess.


For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]