Nmap Development mailing list archives
IPv6 OS Detection: Call for fingerprinters!
From: "Luis MartinGarcia." <luis.mgarc () gmail com>
Date: Fri, 01 Jul 2011 23:55:52 +0200
Hi! As you may know, David and I are working on a new OS detection engine for IPv6 hosts. At the moment we are in a research phase and we need your help to collect a few preliminary fingerprints that we can analyze and use to refine our algorithms. Basically we need people to run a python script against some IPv6 box. The script stores the results in a file with a name like nmap6fp62102933.6fp. We'd like you to send that file to this address: david+luis () nmap org Below you can find some simple instructions on how to run the script. WARNING: Please do NOT run the script against any critical box, as it performs tests that involve sending some weird IPv6 packets that might crash some sloppy implementations. Thank you very much for your help! Best regards, Luis MartinGarcia. == GENERAL STEPS == 1. Download the script from: http://nmap.org/svn/nping/nping-dev/ipv6fp.py 2. Make sure you have Python and Scapy installed in your system (See below for details on how to install them) 3. Collect the following information: - Target's IPv6 address - Target's IPv4 address - An open port in the target 4. Run the script (See instructions below). 5. Send the results file that it produces to david+luis () nmap org == RUNNING THE SCRIPT == A. The easy way: let the script request all details interactively [Run as root]: ./ipv6fp.py --interactive B. If the above does not work or you think interactive prompts are for cowards, run it with real command line parameters: B.1 If the IPv6 host is on the local link: B.1.1 Target has a link local address like fe80::20c:29ff:fe7d:c25b [Run as root]: ./ipv6fp.py TARGET_IPV6_ADDRESS --addr4 TARGET_IPV4_ADDRESS --ot OPEN_PORT_IN_TARGET --interface IFACE_NAME B.1.2 Target is on-link but its address is of global scope like 2600:3c01::f03c:91ff:fe93:cd19 Try the first command, and then the second if it does not work: [Run as root]: ./ipv6fp.py TARGET_IPV6_ADDRESS --ot 80 --addr4 TARGET_IPV4_ADDRESS --interface IFACE_NAME --send-eth [Run as root]: ./ipv6fp.py TARGET_IPV6_ADDRESS --ot 80 --addr4 TARGET_IPV4_ADDRESS --send-ip B.2 If the IPv6 host is more than one hop away. [Run as root]: ./ipv6fp.py 2600:3c01::f03c:91ff:fe93:cd19 --addr4 TARGET_IPV4_ADDRESS --ot 80 !!! Note that you have to replace TARGET_IPV6_ADDRESS with an actual IPv6 address, OPEN_PORT_IN_TARGET with the number of an open port in the box, and IFACE_NAME with the name of the appropriate network interface. Parameter --addr4 is optional, so if the target host does not have an IPv4 address, it can be omitted. However, if it does have an IPv4 address, please provide it, as this will improve our results. ==HOW TO INSTALL PYTHON AND SCAPY== + You need to have Python and Scapy to run the script. To install scapy, follow these steps: # 1. Download latest version from: wget http://www.secdev.org/projects/scapy/files/scapy-latest.tar.gz # 2. Uncompress the file, tar xvf scapy-latest.tar.gz # 3. CD into the new directory cd scapy-2.1.0 # 4. Build and install python setup.py build --force [AS ROOT] python setup.py install --force Alternatively, you may install scapy in Debian/Ubuntu running "sudo apt-get install scapy" or in RedHat/Fedora running "yum install scapy". + To install Python 2.X, follow these instructions: http://docs.python.org/using/unix.html == Troubleshooting == + Command "./ipv6fp.py --help" displays usage information. + The script can send packets at the Ethernet level or at the IP level. Although it tries to guess the appropriate level automatically, you can pass --send-eth or --send-ip to force any of them. If you use --send-eth and the script complains about not being able to resolve a MAC address, you can pass the default gateway mac address explicitly using: --gwmac 11:22:33:44:55:66 + Before sending the OS detection probes, the script runs a little connectivity test to ensure you can successfully reach the target. If the connectivity test fails but you still want to run the script, just pass --force + Do not hesitate to contact me for any additional information: {luis.mgarc () gmail com} _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- IPv6 OS Detection: Call for fingerprinters! Luis MartinGarcia. (Jul 01)
- Re: IPv6 OS Detection: Call for fingerprinters! Fyodor (Jul 06)
- Re: IPv6 OS Detection: Call for fingerprinters! Luis MartinGarcia. (Jul 07)
- Re: IPv6 OS Detection: Call for fingerprinters! Fyodor (Jul 07)
- Re: IPv6 OS Detection: Call for fingerprinters! Luis MartinGarcia. (Jul 07)
- Re: IPv6 OS Detection: Call for fingerprinters! Luis MartinGarcia. (Jul 07)
- Re: IPv6 OS Detection: Call for fingerprinters! Fyodor (Jul 06)