Nmap Development mailing list archives

Problems in OS Detection documentation


From: João Paulo de Souza Medeiros <ignotus21 () gmail com>
Date: Tue, 04 Sep 2007 23:01:34 -0300

Hi friends,

    I'm writing about some inconsistencies that I found between the 2nd
generation of Nmap OS detection and your documentation. I'm using
Nmap 4.22SOC6, and run it with the following command:

    # nmap -O2 192.168.0.2

    The problems are in this page:

    http://insecure.org/nmap/osdetect/osdetect-methods.html

    First, in the section "Sequence generation" the value of TSval is
discriminated as 0xFFFFFF, but it's 0xFFFFFFFF for all packets. And in
Packets #2, #4 and #5 the EOL TCP option is used, but not
discriminated in the documentation.

    Second, in the section "ICMP echo" for the first ICMP packet the
documentation says that a random character is repeated 120 times, but in
many tests I only see occurrences of 0x00.

    The captured traffic can be downloaded from the URL below; the file
format is libpcap. I'm using Wireshark to do this task.

    http://www.engcomp.ufrn.br/~ignotus/temp/nmap-os2.cap

    Thanks for your attention. Good work with the new Nmap book ;)

Att, ignotus.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
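
One way to check the observations in the message above (the TSval value, whether an EOL option is present, and whether the ICMP echo payload is a single repeated byte) against raw bytes exported from a capture. This is an added example, not part of the original post and not Nmap's code; the function names and the sample option bytes are constructed for illustration.

```python
import struct

# TCP option kinds (RFC 793 / RFC 7323)
EOL, NOP, TIMESTAMP = 0, 1, 8

def parse_tcp_options(raw: bytes):
    """Return (options, saw_eol); options is a list of (kind, data) tuples."""
    opts, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == EOL:                 # single byte, terminates the option list
            return opts, True
        if kind == NOP:                 # single-byte padding
            opts.append((NOP, b""))
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option truncated before its length byte")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError(f"bad length {length} for option kind {kind}")
        opts.append((kind, raw[i + 2:i + length]))
        i += length
    return opts, False

def tsval(opts):
    """Return TSval from the timestamp option, or None if it is absent."""
    for kind, data in opts:
        if kind == TIMESTAMP and len(data) == 8:
            return struct.unpack("!II", data)[0]   # (TSval, TSecr)
    return None

def uniform_payload_byte(payload: bytes, expected_len: int):
    """Return the repeated byte if payload is expected_len copies of one byte."""
    if len(payload) == expected_len and len(set(payload)) == 1:
        return payload[0]
    return None

# Constructed sample option bytes (not taken from the poster's capture):
# SACK-permitted, timestamp (TSval 0xFFFFFFFF, TSecr 0), EOL plus padding
SAMPLE_WITH_EOL = bytes.fromhex("0402" "080affffffff00000000" "00000000")
# window scale 10, NOP, timestamp (TSval 0xFFFFFFFF, TSecr 0), SACK-permitted
SAMPLE_NO_EOL = bytes.fromhex("03030a" "01" "080affffffff00000000" "0402")

if __name__ == "__main__":
    for name, raw in (("with EOL", SAMPLE_WITH_EOL), ("no EOL", SAMPLE_NO_EOL)):
        opts, saw_eol = parse_tcp_options(raw)
        print(name, "TSval=%#x" % tsval(opts), "EOL present:", saw_eol)
```

The option bytes of each probe can be copied out of Wireshark as a hex stream and passed through `bytes.fromhex` in place of the constructed samples.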

