mailing list archives
Re: Time to lose gen1 OS detection?
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Mon, 29 Oct 2007 09:41:13 -0600
On 10/28/07, Fyodor wrote:
1st generation Nmap OS detection had a great run, lasting 9 years.
But now that the 2nd generation DB has grown considerably, it may be
about time to let gen1 OS detection go. It complicates the code, and
the gen1 DB itself takes up more than 800K of space.
Then gen2 system still only has 827 fingerprints compared to 1684 in
gen1. But the new system has better fingerprints, and for more recent
and relevant system.
So gen1 OS detection will probably be gone in the next release unless
I hear from people who can demonstrate good reasons for it to stay.
If you scan large networks and find that -O1 still works better than
-O2, that's the sort of thing we'd like to hear.
Is there an easy way to put out a call for fingerprints?
I am talking about a way to determine what systems are missing from
the 2nd gen database and specifically request that folks with access
to those systems provide scan data.
Putting that out for a month or so and culling the responses could
help fill in the gaps and hopefully pull in most of the "old" systems
that are still in use.
Just a thought.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
Re: Time to lose gen1 OS detection? joe haldon (Oct 29)
Re: Time to lose gen1 OS detection? Fyodor (Oct 30)
Re: Time to lose gen1 OS detection? DePriest, Jason R. (Oct 29)
RE: Time to lose gen1 OS detection? Dario Ciccarone (dciccaro) (Oct 29)
Re: Time to lose gen1 OS detection? kx (Oct 29)
- Re: Time to lose gen1 OS detection?, (continued)