Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: TCP Sequence

From: Brandon Enright <bmenrigh () ucsd edu>
Date: Sun, 21 Oct 2007 07:36:27 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 18 Oct 2007 13:12:02 +0200 plus or minus some time Mohamed Abdel
Kader <mak.pen () gmail com> wrote:


List,

Been using nmap for as long as I remember but recently starting to see a
problem with the TCP sequence algorithm.


Using nmap 4.2 under xp the TCP sequence class comes up as trivial time
dependency, with the difficulty being trivial joke.

However when I used the alpha release (4.22 SOC7) the class became truly
random with a difficulty of "Good Luck"!


Which is more reliabe? Does the alpha release contain improvements in
detecting the TCP sequence algorithm in use?


Thanks a million Fyodor!

Regards,

MAK


The bug in 4.20 was fixed (as you have seen).  The problem was that when
the second-gen OS detection was added, the difficulty numbers were changed
to much lower values and the ranges for each class (Trivial Joke, Worthy
Challenge, Good Luck, etc) were lowered with the numbers.  The problem
shows up in 4.20 only when the first-gen OS detection is run because some
debug code related to the numbering and naming was left in.

If you want to use first-gen detection still, you'll need to update to one
of the pre-release versions.  Otherwise, you can force Nmap 4.20 to just
use gen-2 by doing -O2 and your numbers and names will be accurate.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHGwF7qaGPzAsl94IRAtaKAJwKQlbjnQYbAl8M1rCM/WTK6rc7qwCgjldY
c5hCKIHm4drnKEZXeRe+ytk=
=LZ2s
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: