Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

Re: Helping NMap Get Better OS Detection
From: MadHat <madhat () unspecific com>
Date: Thu, 8 Apr 2004 21:33:11 -0500
On Apr 8, 2004, at 8:24 PM, Alan S. Jones wrote:
I should qualify based on the previous comment, a "report back all" type parameter for an IP address might be a nice parameter to gather detailed 
info and get hardware/os signatures on equipment.
I don't think nmap was reporting MAC addresses and I figured it could do 
that also.
You can only report the MAC if it is on the local network. If it has to get past switches into another subnet, the MAC is not included. The only way I know around this is to use some protocols that report the MAC, the main one being NetBIOS and the nbtstat packets on udp/137, but without that there is little you can do to get the MAC from a distance. 






Date: Mon, 05 Apr 2004 21:23:53 -0500
To: nmap-dev () insecure org
From: "Alan S. Jones" <asj () ipa net>
Subject: Helping NMap Get Better OS Detection


I was wondering does in NMap have a scan setting that says tell me all
about this device from the perspective that if we captured that data we 
could send it in to be included in future NMap releases?
For example today I had Nmap scan our Sharp copier/printer and it reported it as an Okidata printer. So a future version could say Sharp or Okidata 
etc?
I have often wondered though as the scanning process gets better if you had two boxes like two printers that normally might be reported as the same if in the future they could be reported as being different if we could get 
enough details into NMap's database.
On a side note will we see a final binary of NMap 3.51 etc anytime soon? 

Keep up the good work.

Alan








--
Alan S. Jones
asj () ipa net
http://users.ipa.net/~asj


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List archive: http://seclists.org





---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]