|
Nmap Development
mailing list archives
PortBunny - FX and Fabs at 24C3
From: kx <kxmail () gmail com>
Date: Sat, 5 Jan 2008 16:19:39 +0100
From: http://seclog.de/2008/01/03/review-24c3/
"Port Scanning Improved - FX, Fabs
Fabs presented Port Bunny, a TCP-SYN port scanner with high speed. It
will be released soon and seclog is currently preparing a benchmark of
Nmap, Unicornscan and Port Bunny. You will hear of Port Bunny in the
future. It is definitely a handy tool for penetration testers."
Links to the videos can be found here:
http://events.ccc.de/congress/2007/Conference_Recordings
Slides are here:
http://www.recurity-labs.com/portbunny/24c3PortBunnySlides.pdf
Effectively, they find responsive hosts to acts as triggers for
detecting packet loss. Dan Kaminsky was talking about this stuff at
least as far back as 2005 with Scanrand, but I am sure earlier. He
called them canaries as opposed to triggers.
I watched the video, and I don't know what version of nmap they were
testing against. I am not sure if they looked at David's code:
http://seclists.org/nmap-dev/2007/q3/0433.html
Anyhow, thought people might be interested.
-kx
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
- PortBunny - FX and Fabs at 24C3 kx (Jan 05)
|
Intro
