Nmap Development mailing list archives
Re: Nessus's Nmap competitor
From: "DePriest, Jason R." <jrdepriest () gmail com>
Date: Tue, 2 Sep 2008 19:56:39 -0500
On Tue, Sep 2, 2008 at 3:49 PM, Arturo 'Buanzo' Busleiman <> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Fyodor wrote:
>> Some of these we have, but others we don't (or perhaps not as well). Having application-level OS detection checks in addition to stack fingerprinting is useful, because it helps understand cases such as port forwarding/DNAT where a load balancer or firewall might forward certain ports to completely different systems. As that OS detection blog entry is more than a year old, there might be other os_fingerprint_* plugins by now.
>
> I always liked "my" idea of doing OS Fingerprinting based on port-grouping using QSCAN. I'd really like to see something like it already integrated into nmap. It has helped me a lot when used manually to get better OS detections (when systems are not behind packet-mangling routers/nats). (http://osdir.com/ml/security.nmap.devel/2006-12/msg00124.html)
>
> - --
> Arturo "Buanzo" Busleiman
> Independent Linux and Security Consultant - SANS - OISSG - OWASP
> http://www.buanzo.com.ar/pro/eng.html
> Mailing List Archives at http://archiver.mailfighter.net

Sorry to hijack, but I had questions about this idea.

How useful is port grouping based fingerprinting for something other than Windows? The available ports for other OSes are pretty dynamic and depend almost entirely on what applications the end-user decides to install. Also since getting rid of native NetBIOS, the only port you'll always find for Windows is 445.

I'm asking because I've always thought this was a good idea, too. We need to take into account the combination of ports open on a host and not just what the individual ports have to say. I'd hoped someone with more skills would build a host NSE script for it.

-Jason

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org