Nmap Development: Re: Nessus's Nmap competitor

Re: Nessus's Nmap competitor

From: Arturo 'Buanzo' Busleiman <buanzo_at_buanzo.com.ar>
Date: Tue, 02 Sep 2008 17:49:44 -0300

Fyodor wrote:
> Some of these we have, but others we don't (or perhaps not as well).
> Having application-level OS detection checks in addition to stack
> fingerprinting is useful, because it helps understand cases such as
> port forwarding/DNAT where a load balancer or firewall might forward
> certain ports to completely different systems. As that OS detection
> blog entry is more than a year old, there might be other
> os_fingerprint_* plugins by now.

I always liked "my" idea of doing OS Fingerprinting based on port-grouping using QSCAN.

I'd really like to see something like it already integrated into nmap. It has helped me a lot when
used manually to get better OS detections (when systems are not behind packet-mangling
routers/nats). (http://osdir.com/ml/security.nmap.devel/2006-12/msg00124.html)

> Does anyone here regularly use nessuscmd? Is there any part of it you
> find particularly useful?

No, never used it, but I'll probably take a look at it, but from the new Nessus fork "OpenVAS":

http://archiver.mailfighter.net/full-disclosure/2008/August/13/0009.html
http://archiver.mailfighter.net/full-disclosure/2008/August/22/0006.html

Actually, I'm not even sure nessuscmd ships with it anyway.

During the first NSE talk (see http://seclists.org/nmap-dev/2006/q4/0058.html) some questions popped
up about the ability of running/replacing NASL scripts with NSE scripts. There's a lot of interest in
something like that. Really, the only difference so far, for ME, is the amount of NASL scripts.
Anyway, that's been the motives behind Tenable going open/closed/blah/forked/etc. So...

- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Sep 02 2008
