Nmap Announce mailing list archives
Win95/98/NT
From: CyberPsychotic <mlists () gizmo kyrnet kg>
Date: Sun, 27 Dec 1998 19:02:43 +0500 (KGT)
I've just read Fyodor's article regarding OS detecting in Phrack, and found out that problem with differing TCP stack of Win95/98 and NT still persists. The one way (not that extreme as mentioned in article :)), would be sending netbios queries and watching the different responces (if ports 137/138/139 aint blocked on firewalls). I've done some code some time ago, based on Hobbit's article, which may give you an idea what I am talking about (actually I used it to retrive the netbios name from remote box, but due to different responces, every breed of M$ gives, it could be used for OS detecting as well). If anyone's interested the url is: http://www.kalug.lug.net/coding/tellme.tar.gz regards ~F. -- fygrave () tigerteam net http://www.kalug.lug.net
Current thread:
- Win95/98/NT CyberPsychotic (Dec 27)