Nmap Development mailing list archives
Question Regarding Passive Fingerprinting
From: Jay Fink <jay.fink () gmail com>
Date: Sun, 23 Aug 2009 14:03:11 -0400
Hello,
I have a question/suggestion regarding a capability I discussed with a
coworker recently. Essentially I was asked if something like this
sounded feasible:
Have nmap run as a daemon which reads packets passively then
reports the service based on port/strings/payload/whatever...
Well - that is the short short version; my response was:
I would think ncat would be where something like that would be
employed or nse; the steps might be instead of trying to do it all
live something more akin to perhaps session recording then post
processing (or processing in transit) the information.
My questions are really two:
- does the nmap suite do this already?
- and if not; was I even close to the mark? :)
Thanks,
Jay
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Current thread:
- Question Regarding Passive Fingerprinting Jay Fink (Aug 23)
- Re: Question Regarding Passive Fingerprinting Ron (Aug 23)
- Re: Question Regarding Passive Fingerprinting Jay Fink (Aug 23)
- Re: Question Regarding Passive Fingerprinting DePriest, Jason R. (Aug 24)
- Re: Question Regarding Passive Fingerprinting Jay Fink (Aug 23)
- Re: Question Regarding Passive Fingerprinting Ron (Aug 23)