Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: nmap 4: Still no MSS in SYN scans?
From: Richard Moore <rich () westpoint ltd uk>
Date: Fri, 03 Feb 2006 10:05:34 +0000



Fyodor wrote:
On Wed, Feb 01, 2006 at 02:01:41PM +0100, Juergen Schmidt wrote:
If someone has a better/alternative idea, speak up!  mss 1460 is
common enough that it shouldn't raise any flags, yet a little shorter
than the most common (mss, nop, nop, sackOK) combination above.

A facility I added to a scanner we use internally (we plan to
GPL it when we get time to make a release) was to allow it to
spoof the appearance of different network stacks. So for example
it can put in the same options, TTL etc. as a windows box or
appear like a linux box. In general this doesn't make any
difference of course, but it might be an interesting feature to
have in nmap as well.

Cheers

Rich.
-- 
Richard Moore, Principal Software Engineer,
Westpoint Ltd,
Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
Tel: +44 161 237 1028
Fax: +44 161 237 1031


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault