Nmap Development mailing list archives
Re: suggestion
From: Ron <iago () valhallalegends com>
Date: Tue, 23 Aug 2005 11:44:02 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It seems to me that it would make more sense to use p0f for that purpose. John Hally wrote:
Hello All, What about doing something similar to p0f? I'm thinking of a daemon option that watches a span port and dumps out the info to text/sql/whatever. The idea I'm thinking of is tying this into ids (snort) alerts to help cut down on time. (ie, a windows attack to a linux box is obviously low priority) Possibly down the road becoming a passive vulnerability 'scanner'. Just a thought.. Thanks! _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.9.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDC1JRfqSf2EkP4p4RAhSnAJ436E8CTo3q/CM4nDKvnYfxam0P6ACeN1Jm uHaZiKAK6jCk9D95XxqF7iM= =3tyi -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- suggestion John Hally (Aug 22)
- Re: suggestion Ron (Aug 23)