Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Minor change to "Chapter 8. Remote OS Detection"
From: "Luis MartinGarcia." <luis.mgarc () gmail com>
Date: Sat, 07 May 2011 12:13:07 +0200

Hi,

Current version of "Chapter 8. Remote OS Detection" says:

"That length varies by implementation because they are allowed to choose
how much data from the original probe to include, as long as they meet
the minimum RFC 792 requirement. That requirement is to include the
original IP header and at least eight bytes of data."

I've been reading RFC 792, and the sentence above is not correct.
Nowhere in the RFC it says that they are allowed to choose how much data
from the original probe to include. I know implementations do what they
want, but in theory, they should only include the original IP header
plus the next 64 bits of data. This is why I suggest re-writing the
sentence to something like the following:

"That length varies because, although RFC 792 requires the inclusion of
the original IP header plus the next 8 octets of data, some
implementations include the whole datagram or more than 8 bytes of its
payload."

I attach a patch for this, although some native English speaker may want
to do a bit of rewording.

Regards,

Luis MartinGarcia.

Attachment: osdetection_rfc792.diff
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]