Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Nmap 4.20ALPHA5: Unable to produce ideal -O2 tests ?

From: Fyodor <fyodor () insecure org>
Date: Mon, 4 Sep 2006 12:48:03 -0700
On Sun, Sep 03, 2006 at 02:21:26AM +0000, Brandon Enright wrote:

On Sat, 2006-09-02 at 18:17 -0700, Fyodor wrote:

I've compiled and tested ALPHA6 and confirmed that it does indeed behave
correctly with the filtered ICMP Type 9 probe.

The dropped type 9 probe wasn't the fault of ether the scanning or
target machines.  It turns out that the Ethernet<-->Wireless (Layer 2,
not a IP hop) bridge I use is filtering these packets.  I ran a cable to
bypass that segment and ALPHA5 started working correctly too.


Interesting.  It can be hard to predict what probes will be corrupted
(for OS detecton purposes) or blocked by the myriad of NAT boxes,
routers, and bridges out there.  But as we collect more and more data,
we should get an idea of which tests are unreliable.  We can then
remove those tests or modify the fingerprints to improve the
situation.

So please keep the submissions coming.

And happy Labor Day for all the Americans here!

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: