<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Nmap Hackers: Re: Linux 2.0.36 detected as 2.0.35

Re: Linux 2.0.36 detected as 2.0.35

From: Evan Brewer <dmessiah_at_silcon.com>
Date: Wed, 16 Dec 1998 13:40:23 -0800

On Wed, Dec 16, 1998 at 02:29:20PM -0600, Mario Camou wrote:

> Just to say, Linux running kernel 2.0.36 is erroneously detected as 2.0.35,
> here's the fingerprint for 2.0.36:

Well theres a good explanation for this. Not every release of the linux kernel
has a modification such that the fingerprint would be different each time. If
you scan a number of different hosts which run linux, with varying kernel
releases, you will notice that nmap only picks up ranges, or specific kernels
which have very noticable changes to its network tree.

> They look the same! What to do then?

Don't strictly rely on nmap. Nmap is a great tool, however there are times
when its usefulness is limited.
Received on Dec 16 1998

This message: [ Message body ]
Next message: Hugo Leonardo Wolff de Souza: "Re: -O SIGSEGV"
Previous message: Karl Boehnker: "-O SIGSEGV"
In reply to: Mario Camou: "Linux 2.0.36 detected as 2.0.35"
Next in thread: Peter van Dijk: "Re: Linux 2.0.36 detected as 2.0.35"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos