Nmap Development mailing list archives
Re: OS Fingerprinting Problem
From: "Michael Pattrick" <mpattrick () rhinovirus org>
Date: Tue, 2 Sep 2008 16:08:46 -0400
Hey Matt, The best way to get a fingerprint corrected in the database is by submitting it here: http://insecure.org/cgi-bin/submit.cgi If you include the full fingerprint plus all the information that you have here, its very likely to be included in the OS db soon! Cheers, Michael Pattrick On Tue, Sep 2, 2008 at 3:48 PM, net2004eng () yahoo com <net2004eng () yahoo com> wrote:
Hello Everyone, Recently a number of co-workers and I were in the process of attempting to identify a "Linksys BEFSR41 Firmware Version: 1.46.02, Aug 03 2004" device using 2 different versions of nmap. I was using nmap version: Nmap 4.62 while a co-worker was using Nmap 4.20. The device was properly identified by running 4.20, but was unable to be identified while running 4.62. After performing a diff on both files, I noticed the following difference: Scan ran: "nmap -vA x.x.x.x" 4.20: SEQ(SP=F-16%GCD=A|14|1E|28|32|3C%ISR=4F-51%TI=I%II=I%SS=S%TS=U) 4.62: SEQ(SP=F-16%GCD=A|14|1E|28|32|3C%ISR=4D-51%TI=I%II=I%SS=S%TS=U) The only difference here is for "%ISR=4F-51" to "%ISR=4D-51" I understand that the ISR accounts for the average rate of increase for the returned TCP initial sequence number. I wanted to know what can be done to get this included into the next update to nmap. The device that was scanned is accurately detected as the Linksys BEFSR41 Firmware Version: 1.46.02, Aug 03 2003 device. I plan on researching this more later, and will post any findings. If a packet trace is desired, I can post a scrubbed trace for that as well. Comments, input, and questions are welcome. Thanks, Matt
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- OS Fingerprinting Problem net2004eng () yahoo com (Sep 02)
- Re: OS Fingerprinting Problem Fyodor (Sep 02)
- RE: OS Fingerprinting Problem Aaron Leininger (Sep 04)
- Re: OS Fingerprinting Problem Michael Pattrick (Sep 02)
- Re: OS Fingerprinting Problem Fyodor (Sep 02)