Re: OS Fingerprinting

[Emmanuel Goldstein <goldstein101 () gmail com>]

Mmm, thinking about the new OS detection I was wondering if you Fyodor
are gonna keep the old one as well, at least in the next release until
the new system has been totally tested and accurracy statistics are
known.

In my opinion, if it doenst offuscate the code you should keep the old
way that could be used with another argument like -O2 or something
like that.

Cheers, mate.



-- 
Emmanuel Goldstein.
Room 101, Ministry of Truth.
W2, London. Oceania.


On 8/24/05, Niels Heinen <niels.heinen () ubizen com> wrote:
> I totally agree. It would be nice if you could specify what
> tests should be performed during the fingerprinting. Ok, disabling tests
> will make things less accurate but sometimes you don't need to
> know the patch level ;p
>
> nmap -O -os_test 2,3 <target>
>
> Niels
>
>
> Bill Petersen wrote:
> > And while we are on the subject of OS fingerprinting, I need the OS
> > fingerprinting to be "kinder and gentler".  When I OS fingerprint my
> > network, several machines "fall over".  They lockup, crash, or certain
> > services lock up.  I get a lot of heat for this.
> >
> > I realize that most if it is poor programming by the vendor of the OS or
> > network stack, but it really restricts what I can do.
> > People don't like me crashing their routers, PBX, printers, clear case, ...
> >
> > Bill Petersen, CISSP
> > Senior Information Security Analyst
> > Alcatel North America Information Security
> > Bill.Petersen () alcatel com
> > Voice: 972-519-4249
> > Fax:   972-477-5300
> >
> >
> >
> > _______________________________________________
> > Sent through the nmap-dev mailing list
> > http://cgi.insecure.org/mailman/listinfo/nmap-dev
>
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev