Google2006 idea

[John Hally <JHally () epnet com>]

Hello All,

The 2005 results were absolutely awesome!   What about 'daemonizing' Nmap to
allow it to watch traffic from a SPAN/TAP port for everything on a segment
and do passive OS and application fingerprinting?  I remember there used to
be at least two tools (siphon and another one I cant remember) but they were
rudimentary at best and never came close to the fingerprinting database you
have now.  You could also have the option to actively probe an 'interesting'
host based on the passive information gathered to get better information
with an active scan.  If I had any type of coding skills I'd attempt it, but
I certainly would offer to help/test in any way as well.  

Thanks for your time.

John Hally.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev