mailing list archives
Re: nmap 4: Still no MSS in SYN scans?
From: Richard Moore <rich () westpoint ltd uk>
Date: Fri, 03 Feb 2006 10:05:34 +0000
On Wed, Feb 01, 2006 at 02:01:41PM +0100, Juergen Schmidt wrote:
If someone has a better/alternative idea, speak up! mss 1460 is
common enough that it shouldn't raise any flags, yet a little shorter
than the most common (mss, nop, nop, sackOK) combination above.
A facility I added to a scanner we use internally (we plan to
GPL it when we get time to make a release) was to allow it to
spoof the appearance of different network stacks. So for example
it can put in the same options, TTL etc. as a windows box or
appear like a linux box. In general this doesn't make any
difference of course, but it might be an interesting feature to
have in nmap as well.
Richard Moore, Principal Software Engineer,
Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
Tel: +44 161 237 1028
Fax: +44 161 237 1031
Sent through the nmap-dev mailing list