Nmap Announce mailing list archives
Re: HPUX fingerprint
From: Max Vision <vision () whitehats com>
Date: Wed, 16 Dec 1998 13:01:37 -0800 (PST)
On Wed, 16 Dec 1998, Fyodor wrote:
On Tue, 15 Dec 1998, Jonathan Scott Duff wrote:Here's a TCP fingerprint for HPUX 9.05. What's the official way to get this added?That is an excellent question. If anyone finds machines that have at least one port open for which nmap reports 'no OS matches for this host', it would be great if you could mail me the fingerprint nmap gives you. Please send the operating system name and version number along with it. And be sure you are correct about what OS it is running.
Fyodor, Here is a valid fingerprint for OpenStep 4.1 FingerPrint OpenStep 4.1 TSeq(Class=64K) T1(Resp=Y%DF=N%W=F87%ACK=S++%Flags=AS%Ops=M) T2(Resp=N) T3(Resp=Y%DF=N%W=F87%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=1000%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=0%UCK=0%ULEN=134%DAT=E) I've been using nmap (and queso and tcpseq juarez and ....) since it was public and I was very excited to see you now support os detection and seq prediction. Your coding efforts have saved me countless hours of patching together less powerful software to get the same job done. THANKS!:) Max
Current thread:
- HPUX fingerprint Jonathan Scott Duff (Dec 15)
- Re: HPUX fingerprint Evan Brewer (Dec 16)
- Re: HPUX fingerprint Fyodor (Dec 16)
- Re: HPUX fingerprint Max Vision (Dec 16)
- Linux 2.0.36 detected as 2.0.35 Mario Camou (Dec 16)
- Re: Linux 2.0.36 detected as 2.0.35 Lucid Dream (Dec 16)
- Re: Linux 2.0.36 detected as 2.0.35 Mario Camou (Dec 16)
- Re: Linux 2.0.36 detected as 2.0.35 Peter van Dijk (Dec 16)
- Re: Linux 2.0.36 detected as 2.0.35 Fyodor (Dec 19)
- Re: Linux 2.0.36 detected as 2.0.35 Evan Brewer (Dec 16)
- <Possible follow-ups>
- Re: HPUX fingerprint Evan Brewer (Dec 16)