operating system identification

[Jan Werner <xian () mat uni torun pl>]

Hi
I'm new to this group so I'm bit stressed.
Problem description:
I've recently worked with iptables to block some packets used by nmap to
fingerprint os'es. I used iptables with match unclean to block some
packets incoming. It worked well to block packets used in test 2,3,7 and
after some tweaking test 1. Responses to other test were succesfuly
gathered. What's strange that nmap tries again all the tests not only
unsusccesful it's bit weird - I went through sources (mostly osscan.cc )
in nmap v3.30 and thought it shouldn't. It would be nice if only failed
probes would retry. Dunno what's happening.
I can provide gathered information ( nmap -vv -d2  and packet dumps in
pcap format) if someone is interested.
greetings
xian


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).