Nmap Development mailing list archives
Re: Nmap 5.61TEST2 IPv6 OS Detection (Cherry Soeprapto)
From: David Fifield <david () bamsoftware com>
Date: Mon, 16 Jan 2012 11:26:44 -0800
On Mon, Jan 16, 2012 at 07:12:28AM -0800, Cherry Soeprapto wrote:
Those are all the candidate tests that were invented by Luis MartinGarcia. Not all of them are effective--we kept only the best ones in the OS engine.what are the reasons, that you keep only the 18 tests? What are the qualifications?
It's because every test takes time and packets. ipv6fp.py takes several minutes to run, but Nmap can only take a few seconds at most. The best tests are those that get different responses from different OSes. Many of the ipv6fp.py tests turned out to never get a response or to always get the same response.
If I'd like to analyse the TCP responses from different OSs, is it correct that I should only compare the: payload length, hop limit, header length, window size and the TCP options?
Generally you should compare any feature that differs between operating systems and isn't too expensive to trigger.
Would it be possible for you to make a short detail about the scripts in ipv6tests folder? https://svn.nmap.org/nmap-exp/luis/ipv6tests/README The description to run the scripts above is not so understandable for me.
I'm glad that someone is looking at those scripts. Email me off the list with the error messages that you see and I'll try to help. The scripts need a directory full of sample fingerprints to operate on. But those aren't checked into the directory because we say we will keep submissions private we get them.
I have already run tests and will submit them to you in another email. Do you need only the .6fp or the .nmap files too?
We only want the .nmap files. But it is most convenient if you can submit them here: http://insecure.org/cgi-bin/submit.cgi?new-os and not by email. David _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Nmap 5.61TEST2 IPv6 OS Detection (Cherry Soeprapto) Cherry Soeprapto (Jan 16)
- Re: Nmap 5.61TEST2 IPv6 OS Detection (Cherry Soeprapto) David Fifield (Jan 16)