Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: nmap 4: Still no MSS in SYN scans?
From: Richard Moore <rich () westpoint ltd uk>
Date: Fri, 03 Feb 2006 10:05:34 +0000

Fyodor wrote:
On Wed, Feb 01, 2006 at 02:01:41PM +0100, Juergen Schmidt wrote:
If someone has a better/alternative idea, speak up!  mss 1460 is
common enough that it shouldn't raise any flags, yet a little shorter
than the most common (mss, nop, nop, sackOK) combination above.

A facility I added to a scanner we use internally (we plan to
GPL it when we get time to make a release) was to allow it to
spoof the appearance of different network stacks. So for example
it can put in the same options, TTL etc. as a windows box or
appear like a linux box. In general this doesn't make any
difference of course, but it might be an interesting feature to
have in nmap as well.


Richard Moore, Principal Software Engineer,
Westpoint Ltd,
Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
Tel: +44 161 237 1028
Fax: +44 161 237 1031

Sent through the nmap-dev mailing list

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]