Nmap Announce mailing list archives
Hey, Fyodor, How does this OS Scan stuff work?
From: Lamont Granquist <lamontg () raven genome washington edu>
Date: Thu, 17 Dec 1998 11:14:29 -0800
We're all breathlessly awaiting your phrack article, but I know it would save me a huge amount of time in tearing apart these tcpdumps and figuring out what OS scan is doing on different platforms and why it doesn't always work, if I could get a little bit of an overview of what the traffic looks like. It might also help other nmap-hackers, which is why the post is to the list...

Could you give an overview of what happens after the portscan and what packets go out (you don't need to go into details such as timeouts, and retransmissions and such, I can read the source), but for example, what in the name of christ is this monstrosity:

    send_tcp_raw(rawsd, &o.decoys[decoy], &target->host, current_port,
                 openport, sequence_base, 0, TH_BOGUS|TH_SYN, 0,
                 "\003\003\012\001\002\004\001\011\010\012\077\077\077\077\000\000\000\000\000\000",
                 20, NULL, 0);

--
Lamont Granquist                       lamontg () raven genome washington edu
Dept. of Molecular Biotechnology       (206)616-5735  fax: (206)685-7344
Box 352145 / University of Washington / Seattle, WA 98195
PGP pubkey: finger lamontg () raven genome washington edu | pgp -fka
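Added example, not part of the original post and not nmap's own code: a small C parser that walks the 20 option bytes passed to send_tcp_raw() in the message above and lists the TCP options they encode. The struct and function names are hypothetical, and the line-wrapped `\01 2` in the archived string is read as `\012`, which matches the length argument of 20.

```c
#include <stddef.h>
#include <stdio.h>

/* The 20 option bytes from the send_tcp_raw() call quoted in the post. */
static const unsigned char PROBE_OPTS[] =
    "\003\003\012\001\002\004\001\011\010\012"
    "\077\077\077\077\000\000\000\000\000\000";
#define PROBE_OPTS_LEN 20

/* Hypothetical helper type (not from nmap). Standard option kinds:
 * 0 = End of Option List, 1 = No-Operation, 2 = Maximum Segment Size,
 * 3 = Window Scale, 8 = Timestamps. */
struct tcp_opt {
    unsigned char kind;   /* option kind */
    unsigned char len;    /* total length, including kind and length bytes */
    unsigned long value;  /* first four data bytes, folded big-endian */
};

/* Walk a TCP options area. Returns the number of options stored, or -1 if
 * a length byte is missing, below 2, or runs past the buffer. Stops at EOL. */
static int parse_tcp_options(const unsigned char *b, size_t n,
                             struct tcp_opt *out, int max) {
    size_t i = 0;
    int count = 0;
    while (i < n && count < max) {
        struct tcp_opt o = { b[i], 1, 0 };
        if (o.kind > 1) {                 /* kinds 0 and 1 are a single byte */
            if (i + 1 >= n || b[i + 1] < 2 || i + b[i + 1] > n) return -1;
            o.len = b[i + 1];
            for (size_t k = 2; k < o.len && k < 6; k++)
                o.value = (o.value << 8) | b[i + k];
        }
        out[count++] = o;
        if (o.kind == 0) break;           /* EOL: anything after is padding */
        i += o.len;
    }
    return count;
}

int main(void) {
    struct tcp_opt opts[16];
    int n = parse_tcp_options(PROBE_OPTS, PROBE_OPTS_LEN, opts, 16);
    for (int i = 0; i < n; i++)
        printf("kind=%u len=%u value=%lu\n", (unsigned)opts[i].kind,
               (unsigned)opts[i].len, opts[i].value);
    return n < 0;
}
```

Read this way, the string is a Window Scale of 10, a NOP, an MSS of 265, a Timestamps option with TSval 0x3f3f3f3f and TSecr 0, then End of Option List.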