Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Hackers: Win95/98/NT

Win95/98/NT

From: CyberPsychotic <mlists_at_gizmo.kyrnet.kg>
Date: Sun, 27 Dec 1998 19:02:43 +0500 (KGT)

I've just read Fyodor's article regarding OS detecting in Phrack, and
found out that problem with differing TCP stack of Win95/98 and NT still
persists. The one way (not that extreme as mentioned in article :)), would
be sending netbios queries and watching the different responces (if ports
137/138/139 aint blocked on firewalls).

I've done some code some time ago, based on Hobbit's article, which may
give you an idea what I am talking about (actually I used it to retrive
the netbios name from remote box, but due to different responces, every
breed of M$ gives, it could be used for OS detecting as well). If anyone's
interested the url is: http://www.kalug.lug.net/coding/tellme.tar.gz

regards

~F. 

--
fygrave@tigerteam.net		http://www.kalug.lug.net
Received on Dec 27 1998
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos