Nmap Development mailing list archives

Hosts with known OSes needed for OS detection improvement

From: David Fifield <david () bamsoftware com>
Date: Fri, 17 Oct 2008 19:06:57 -0600

Hi all,

For the past few weeks Fyodor and I have been working on improving the
accuracy of Nmap's OS detection, especially over many network hops and
in the face of packet-mangling routers. We've collected statistics from
some large-scale random Internet scans and small scans of known hosts.
This has led to a few small changes in the /nmap-exp/david/nmap-os
branch, which appear to have a good effect (for results of a small scan
see http://www.bamsoftware.com/wiki/Nmap/OSDetectionAnomalies#reference-scans).

For the next part of our research we need to scan hosts whose OS is
known. And for that we need your help.

All you need to do is send me a list of hosts whose OS is known to you
and that I can have permission to scan. Brandon Enright already sent me
a few hosts, which I used for the nmap-os tests. I'm looking for up to
five hosts per person, along with their winver/uname/version
information, which you can send to me in the form

goomba.bamsoftware.com
Linux goomba 2.6.18-6-amd64 #1 SMP Tue Aug 19 04:30:56 UTC 2008 x86_64 GNU/Linux

scanme.nmap.org
Linux syn.lnxnet.net 2.6.20-1.2320.fc5 #1 SMP Tue Jun 12 18:50:49 EDT 2007 x86_64 x86_64 x86_64 GNU/Linux

The hosts should not be behind a very restrictive firewall or do
anything weird like forwarding different ports to different other hosts.
Some firewalling is okay, after all that's what we're trying to make
Nmap handle better, but if you're unsure you can just say what kind of
filters are in place when you send your list of hosts. It's okay if Nmap
guesses the OS wrong for any of the hosts, the important thing is that
you know for sure what's running. Host names or IP addresses are fine.

There's no need to send them to the list, just send them to me. Make
sure they are hosts I have permission to scan. The command I'll run is

nmap -PN -F -d -sSU -O

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Hosts with known OSes needed for OS detection improvement David Fifield (Oct 17)
- Re: Hosts with known OSes needed for OS detection improvement Fyodor (Oct 17)
- Re: Hosts with known OSes needed for OS detection improvement David Fifield (Oct 19)