patches against 3.81

[Martin Mačok <martin.macok () underground cz>]

On Sun, Jan 30, 2005 at 08:03:30PM -0800, Fyodor wrote:

> detect_TARPIT - This is a very cool technique, but I'm not sure it
>   belongs in the core distribution.  For example, sometimes you might
>   want to scan tarpits.  If it just printed a note in verbose mode
>   about potentially tarpitted hosts, that might be better.

I have implemented something similar - in verbose mode, it tells it
detected tarpit during TCP ping and so it is avoiding scanning the
host (and what to do if you want to scan it anyway). Tarpits are meant
to slow down the attackers and IMHO we should speed up the attackers as
a countermeasure ;-)

http://Xtrmntr.org/ORBman/tmp/nmap/nmap-3.78-detect_TARPIT.patch

On Sat, Feb 05, 2005 at 03:17:16PM -0800, Fyodor wrote:

> o Added an NTP probe and matches to the version detection database
>   (nmap-service-probes) thanks to a submission from Martin
>   Mačok (martin.macok () underground cz).

There is a SNMPv1public probe too (which is maybe more interesting to
more people). And now, there is a JavaRMI probe too:

http://Xtrmntr.org/ORBman/tmp/nmap/nmap-3.81-sf_misc.patch

P.S. http://Xtrmntr.org/ORBman/tmp/nmap/ contains all 'pending'
     patches (against Nmap-3.81)

Martin Mačok
ICT Security Consultant

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org