Nmap Development mailing list archives

Re: New OS Detection?


From: Alan Jones <alan () ajsquared us>
Date: Tue, 08 Aug 2006 21:13:50 -0500

Zhao and Fyodor, 

Thanks for both responding...

I did not want to seem pushy about the new OS detection.... it is just
one of those things that we are excited about.  I wish I was qualified
to make suggestions on the new OS detection process.  I am excited to
see it progress...

Hopefully we will have a strong accurate set of tests that won't get
confused or misled by firewalls, proxy servers, etc.

I also hope the new OS Database of signatures grows so fast it outpaces
the current database.

good luck

Alan



Fyodor wrote:
> On Mon, Aug 07, 2006 at 11:44:27PM -0500, Alan Jones wrote:
> > I was just curious how the new OS detection code was coming along...
> >
> > Code? Improvements in detection? Speed? Database signatures, etc......
>
> Great question.  As Zhao noted, we're still working on it, but are
> absolutely nearing the point where we can start collecting
> signatures.  I made some changes to the OS fingerprinting doc this
> morning, in fact.  We're not talking dramatic changes, but important
> little details.  Like the TCP sequence probe #6 no longer has the
> SACK TCP option because that may affect returned window size or
> other details against some platforms.
>
> We want to get it just right before spending years collecting
> thousands of fingerprints, so if you have ideas for improving the
> system, now is definitely the time to speak up!  Our latest ideas are
> documented here:
>
>   http://insecure.org/nmap/osdetect/
>
> > It is an area we are all interested in....
>
> I'm glad of that!  A lot of exciting development is going on this
> summer (NSE, UMIT, etc.) but OS detection is definitely one of the
> most important for Nmap.  So please stay tuned for our call for OS
> signature gathering assistance.
>
> Cheers,
> -F
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev


  

