Home page logo
/

nmap-dev logo Nmap Development mailing list archives

U1.RID fix
From: "Mike pattrick" <mpattrick () rhinovirus org>
Date: Fri, 30 May 2008 22:02:45 -0400

Hey everyone,

I just committed another bug fix for OS detection. The U1.RID probe
sends the ID of a ICMP packet to 1024 and then checks the ID of the
returning packet, however it wasn't being converted to/from network
byte order properly. This didn't effect any host that kept the ID
static, but some hosts (mainly HP printers) reversed it and for these
hosts the ID was being recorded backwards (so it was being flipped
twice) on little endian computers but being recorded properly on big
endian computers. This doesn't effect any of the OS's that set the ID
to something constant.

I also updated the nmap-os-db by flipping the byte order on hosts with
RID=1042 to RID=4210 to reflect the changes in osscan2.cc.

Cheers,
Michael

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
  • U1.RID fix Mike pattrick (May 31)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]