Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

Re: Fyodor, I would like to have your point of vue on SinFP tool
From: GomoR <nmap-hackers () gomor org>
Date: Sat, 13 May 2006 14:06:00 +0200
On Fri, May 12, 2006 at 05:41:56PM -0700, Fyodor wrote:
[..]

No, I think it is entirely appropriate here.  Thanks for posting, even


Perfect. 


though I was already familiar with SinFP.  I took a look at it in
March while Zhao Lei and I were working on a 2nd generation
fingerprinting system for Nmap.


Thank you ;) 


It is a great little tool, though I
dispute the web page statement that Nmap's "approach to OS
fingerprinting is becoming to be obsolete" due to "stateful filtering
devices, PAT/NAT configurations and emerging packet normalization
technologies".


Yes, and I need to apologies for that. When I released it the first
time (on june 2005), I got nearly zero replies. And the one I received
were not useful. 

So, I changed my mind, and resolved to use marketting wording, to
trick people into trying SinFP. It is not simple to change user
habits. 


I agree that those obstacles can be a challenge, but
Nmap is pretty resilient to most of this.  It has to be, given that
people use it across just about every sort of network available.  But
I hope the new system will be even more powerful.


Well, I used to work for a company that developped a vulnerability
scanner. And when you see nmap giving Turtle OS, when it is, in fact,
a classical Linux, you change your mind. But I am not here to start
a troll or flamewar. 

Just to finish on this subject; I will add:
No response from a probe is not meaningful. We cannot conclude anything.
No bug report from users is not meaningful. We cannot conclude anything. 


I hope to release a
paper very soon to nmap-dev documenting that upcoming system.  We
would of course appreciate your input.


And I will be very glad to comment on it, to help make nmap better. 


Cheers,
-F


 --
 ^  ___  ___             http://www.GomoR.org/          <-+
 | / __ |__/          Systems & Security Engineer         |
 | \__/ |  \     ---[ zsh$ alias psed='perl -pe ' ]---    |
 +-->  Net::Packet <=> http://search.cpan.org/~gomor/  <--+


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]