Nmap Development mailing list archives

RE: New Nmap vs SinFP benchmark

From: "Sina Bahram" <sbahram () nc rr com>
Date: Thu, 28 Dec 2006 02:06:58 -0500

I am using nmap 4.21 alpha 1, which I believe is the latest version of nmap
released.

I don't have a nmap -sQ option

Is this something I am totally missing?

I don't even remember this option ever being introduced.

It sounds extremely useful.

Take care,
Sina
 
-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org]
On Behalf Of Arturo 'Buanzo' Busleiman
Sent: Wednesday, December 27, 2006 10:20 PM
To: nmap-dev () insecure org
Subject: Re: New Nmap vs SinFP benchmark

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

GomoR wrote:

I told the author to re-test using latest Nmap, and here are the 
results:


Well, I tried with 3 different browsers to drop a comment there, but it
proved impossible :P Do you have the author's email address?

Anyway, here is what I was about to post:

====

Well, when using Nmap against an IP address that proves difficult to
OS-detect (like in your NAT box example), you should, instead of submitting
the fingerprint or whatever, do an nmap Qscan: It's a new nmap scan that you
can use with -sQ. It will let you discover how many boxes are behind the NAT
box, and group them. Then, you can use nmap again to only scan the ports
that belong to a certain group only, and discover each OS separately.

And, you should check out the Nmap Scripting Engine ;)

====

- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
¿No sabés a dónde ir a comer o tomar algo? Visitá www.vivamoslavida.com.ar
LISTA DE CASAMIENTO: Cualquier Fravega a nombre de Busleiman (37520).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFkzfBAlpOsGhXcE0RAvEVAJ9rT7sbWfQ1DhoHU33EuKFZptYXwQCfYNl8
sOhaq0Gfzsxtp4c3eXOzWXc=
=tHdR
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

New Nmap vs SinFP benchmark GomoR (Dec 27)
- Re: New Nmap vs SinFP benchmark Hans Nilsson (Dec 27)
- Re: New Nmap vs SinFP benchmark Arturo 'Buanzo' Busleiman (Dec 27)
  - RE: New Nmap vs SinFP benchmark Sina Bahram (Dec 27)
    - Re: New Nmap vs SinFP benchmark DePriest, Jason R. (Dec 28)
    - Re: New Nmap vs SinFP benchmark Hans Nilsson (Dec 28)
  - Re: New Nmap vs SinFP benchmark doug (Dec 28)
    - Re: New Nmap vs SinFP benchmark Hans Nilsson (Dec 28)
    - Re: New Nmap vs SinFP benchmark doug (Dec 28)
    - Re: New Nmap vs SinFP benchmark Hans Nilsson (Dec 29)
- Message not available
  - Re: New Nmap vs SinFP benchmark GomoR (Dec 28)
- Re: New Nmap vs SinFP benchmark Alan Jones (Dec 28)