Nmap Development mailing list archives

New tool based on Nmap


From: Olivier Courtay <olivier.courtay () irisa fr>
Date: Mon, 01 Mar 2004 16:20:13 +0100

Hello,

I have written a tool called Nmap-Stateful based on Nmap code (but Nmap-Stateful is not a part of the official Nmap distribution).

What is Nmap-Stateful:
To do OS fingerprinting, Nmap is able to launch tests on open or closed TCP ports. Only these states are used. In my tool, before launching a packet test, I bring the tested host into the wanted TCP state (Established or Syn_receive, for example).

Tests are easy to write; they are described in a file (you can define your own tests).
Actually in the tarball there are two test files:
- a file for compatibility: the tests are those of Nmap
- an example test file for the SYN_RECV state (there are few fingerprints associated with this test file).

What are the goals:
- Improve OS fingerprinting (more states reached => more tests possible => more accuracy)
- Test a TCP/IP stack: we can reach a lot of states and launch strange packets.
- Test a stateful firewall: if a firewall is in the middle of a connection, we can test what its reaction is to a strange packet in an existing TCP connection.
The tool is still in development, but it should work.
It works only with Linux 2.4 or 2.6 (because I use Netfilter); portability is possible with libdnet.

More information: http://home.gna.org/nmapstateful/
Download the tool: http://download.gna.org/nmapstateful/nmap-stateful.tar.bz2


Olivier Courtay

Email : olivier __at__ courtay __dot__ org
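The third goal above (seeing how a stateful firewall reacts to a strange packet inside an existing connection) rests on the firewall keeping a per-connection TCP state machine. The following is an added example, not part of Nmap-Stateful or Nmap: a minimal connection tracker in the style of Linux conntrack (state names follow the Linux stack) that replays a segment sequence and flags the out-of-state segment a stateful firewall should reject. The flag letters, direction labels, verdict names and the sample sequences are my own assumptions.

```python
"""Minimal TCP connection tracker, modelling what a stateful firewall keeps
per flow. Flags use one-letter names (S=SYN, A=ACK, F=FIN, R=RST, P=PSH)."""

# State names follow the Linux stack / conntrack naming used in the post.
CLOSED, SYN_SENT, SYN_RECV, ESTABLISHED = "CLOSED", "SYN_SENT", "SYN_RECV", "ESTABLISHED"
FIN_WAIT, CLOSE_WAIT, TIME_WAIT = "FIN_WAIT", "CLOSE_WAIT", "TIME_WAIT"

# (current state, direction, flag set) -> next state.
# "out" = the side that opened the connection, "in" = the replying side.
# Only S/A/F/R matter for state; PSH/URG are stripped before the lookup.
TRANSITIONS = {
    (CLOSED, "out", frozenset("S")): SYN_SENT,
    (SYN_SENT, "in", frozenset("SA")): SYN_RECV,
    (SYN_RECV, "in", frozenset("SA")): SYN_RECV,        # SYN/ACK retransmit
    (SYN_RECV, "out", frozenset("A")): ESTABLISHED,
    (ESTABLISHED, "out", frozenset("A")): ESTABLISHED,  # data / pure ACK
    (ESTABLISHED, "in", frozenset("A")): ESTABLISHED,
    (ESTABLISHED, "out", frozenset("FA")): FIN_WAIT,
    (ESTABLISHED, "in", frozenset("FA")): CLOSE_WAIT,
    (FIN_WAIT, "in", frozenset("A")): FIN_WAIT,
    (FIN_WAIT, "in", frozenset("FA")): TIME_WAIT,
    (CLOSE_WAIT, "out", frozenset("A")): CLOSE_WAIT,
    (CLOSE_WAIT, "out", frozenset("FA")): TIME_WAIT,
    (TIME_WAIT, "out", frozenset("A")): CLOSED,
    (TIME_WAIT, "in", frozenset("A")): CLOSED,
}


def track(segments):
    """Replay (direction, flags) segments through the state machine.

    Returns one (state_after, verdict) per segment. Verdicts mirror what a
    firewall rule can match on: "NEW" opens a flow, "TRACKED" fits the flow,
    "INVALID" is out of state (the "strange packet" case the post probes) and
    leaves the tracked state unchanged.
    """
    state, result = CLOSED, []
    for direction, flags in segments:
        key = frozenset(f for f in flags.upper() if f in "SAFR")
        if "R" in key and state != CLOSED:
            state, verdict = CLOSED, "TRACKED"   # RST tears down a known flow
        elif (state, direction, key) in TRANSITIONS:
            verdict = "NEW" if state == CLOSED else "TRACKED"
            state = TRANSITIONS[(state, direction, key)]
        else:
            verdict = "INVALID"
        result.append((state, verdict))
    return result
```

With the three-way handshake followed by a bare SYN from the same side, the last segment is reported as INVALID while the flow stays ESTABLISHED, which is the behaviour a correctly stateful firewall should show when probed this way.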
