Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Re: [tool] the new p0f 2.0.1 is now out

From: Michal Zalewski <lcamtuf () ghettot org>
Date: Thu, 4 Sep 2003 23:24:07 +0200 (CEST)
On Thu, 4 Sep 2003, Matt Barrie wrote:


Does it do DNS resolution on logfiles? If so, this may be a way of
detecting.


Not until you explictly enable this option, which is generally a silly
idea (all the resolver bugs, performance impact due to dns lags, etc).

There's one good way, though, send a really weird TCP/IP SYN packet with
odd options and flags, and wait... if the curious user nmaps you back...
;-)

-- 
------------------------- bash$ :(){ :|:&};: --
 Michal Zalewski * [http://lcamtuf.coredump.cx]
    Did you know that clones never use mirrors?
--------------------------- 2003-09-04 23:22 --

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: