Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: IPv6 OS Detection: Call for fingerprinters!!

From: "Dario Ciccarone (dciccaro)" <dciccaro () cisco com>
Date: Tue, 12 Jul 2011 13:28:13 -0500
Luis:



Are you planning to share the result files for all those boxes? We'd
certainly appreciate it if you sent us the results for that NAS,
AppleTV, iPhone, printer etc, as we don't have fingerprints for that
kind of systems yet.


Indeed. Will be sending them later today.
 

The fact that different versions behave differently is good 
news, since
that allows OS detection engines to distinguish stacks at the 
version level.


Indeed. But in this case, the release in question was dropping all TCP
traffic being received on a link-local address. Not a subtle difference
in behaviour, but just a bug :))



That is interesting. We have not yet decided if we are going to send
different probes when the target machine is on-link or 
off-link, but if
we end up doing that, this is something worth considering. Thanks for
the tip!


Most welcome. I have a couple more ideas - let me try them in the lab
first, then I'll share them with you if they pan out :)

Thanks,
Dario
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: