Nmap Development mailing list archives
TCP_WINDOW and TCP_MSS correlation as feature
From: Alexandru Geana <alex () alegen net>
Date: Mon, 11 May 2015 19:59:12 +0200
Hello devs, During one IRC discussion, an idea was brought up to use the correlation between TCP_WINDOW and TCP_MSS as a feature for the IPv6 logistic regression model. Attached to this email I am sending two patches, one for the nmap codebase and another for the ipv6tests folder which adds this new feature. While testing on scanme.nmap.org, I noticed that the novelty threshold was too low (nmap had the top result with novelty at around 20.8), so I set the FP_NOVELTY_THRESHOLD to 25. Let me know what you think and if you find any problems with it. Best regards, Alexandru Geana alegen.net
Attachment:
ipv6tests.diff
Description:
Attachment:
nmap.diff
Description:
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- TCP_WINDOW and TCP_MSS correlation as feature Alexandru Geana (May 11)
- Re: TCP_WINDOW and TCP_MSS correlation as feature Daniel Miller (May 21)
- Re: TCP_WINDOW and TCP_MSS correlation as feature Alexandru Geana (May 22)
- Re: TCP_WINDOW and TCP_MSS correlation as feature Alexandru Geana (May 28)
- Re: TCP_WINDOW and TCP_MSS correlation as feature Alexandru Geana (May 22)
- Re: TCP_WINDOW and TCP_MSS correlation as feature Daniel Miller (May 21)