Nmap Development mailing list archives
Re: New OS Detection?
From: Fyodor <fyodor () insecure org>
Date: Mon, 7 Aug 2006 23:18:42 -0700
On Mon, Aug 07, 2006 at 11:44:27PM -0500, Alan Jones wrote:
I was just curious how the new OS detection code was coming along... Code? Improvements in detection? Speed? Database signatures, etc......
Great question. As Zhao noted, we're still working on it, but are absolutely nearing the point where we can start collecting signatures. I made some changes to the OS fingerprinting doc this morning, in fact. We're not talking dramatic changes, but important little details. Like the TCP sequence probe #6 no longer has the SACK TCP option because that may affect returned window size or other details against some platforms. We want to get it just right before spending years collecting thousands of fingerprints, so if you have ideas for improving the system, now is definitely the time to speak up! Our latest ideas are documented here: http://insecure.org/nmap/osdetect/
It is an area we are all interested in....
I'm glad of that! A lot of exciting development is going on this summer (NSE, UMIT, etc.) but OS detection is definitely one of the most important for Nmap. So please stay tuned for our call for OS signature gathering assistance. Cheers, -F _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- New OS Detection? Alan Jones (Aug 07)
- Re: New OS Detection? 赵雷 (Aug 07)
- Re: New OS Detection? Fyodor (Aug 07)
- Re: New OS Detection? Alan Jones (Aug 08)