Nmap Development mailing list archives
Re: does nmap detects kernel version higher than 2.6.23?
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Mon, 25 Aug 2008 23:12:16 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 26 Aug 2008 01:58:08 +0300 "sara fink" <sara.fink () gmail com> wrote:
OK, thank you. The kernel version is detected by fingerprinting of the tcp/ip stack or by other means?
Kernel version is detected only by way of the stack quirks that make one operating system stand out from another. Not some Linux-specific magic. Fyodor's upcoming "Nmap Network Scanning" book goes into considerable detail about how the system works: http://nmap.org/book/osdetect.html I should point out that I've submitted fingerprints for 2.6.26 as, undoubtedly, many others have too. I'm sure all the new OS fingerprint submissions will be included at some point. If staying up with the latest kernel release/quirk is important, you might try augmenting your nmap-os-db file with custom fingerprints. Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkizPF0ACgkQqaGPzAsl94J4eACfScGiINbQroDJTd+CXZDEw1MH JXkAoIEIPaK5/MsBbDuV0f+4fusl9L7j =2DVe -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- does nmap detects kernel version higher than 2.6.23? sara fink (Aug 25)
- Re: does nmap detects kernel version higher than 2.6.23? David Fifield (Aug 25)
- Re: does nmap detects kernel version higher than 2.6.23? sara fink (Aug 25)
- Re: does nmap detects kernel version higher than 2.6.23? Brandon Enright (Aug 25)
- Re: does nmap detects kernel version higher than 2.6.23? sara fink (Aug 25)
- Re: does nmap detects kernel version higher than 2.6.23? David Fifield (Aug 25)