mailing list archives
Re: Time to lose gen1 OS detection?
From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Mon, 29 Oct 2007 08:17:32 -0500
On 10/28/07, Fyodor <fyodor () insecure org> wrote:
1st generation Nmap OS detection had a great run, lasting 9 years.
But now that the 2nd generation DB has grown considerably, it may be
about time to let gen1 OS detection go. It complicates the code, and
the gen1 DB itself takes up more than 800K of space.
Then gen2 system still only has 827 fingerprints compared to 1684 in
gen1. But the new system has better fingerprints, and for more recent
and relevant system.
So gen1 OS detection will probably be gone in the next release unless
I hear from people who can demonstrate good reasons for it to stay.
If you scan large networks and find that -O1 still works better than
-O2, that's the sort of thing we'd like to hear.
I think we should drop the 1st Gen before the next stable release, but
I'm not sure about right now.
I think we should drop it for the last planned development release,
that makes sure it works for everyone before the stable (if something
was forgotten), and still gives time for the 2nd Gen fingerprints to
come in before the 1st gen is gone.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
Re: Time to lose gen1 OS detection? joe haldon (Oct 29)
Re: Time to lose gen1 OS detection? Fyodor (Oct 30)