Re: Call for IPv6 OS fingerprints

[Xu Weilin <mzweilin () gmail com>]

On Fri, Sep 23, 2011 at 11:24 PM, David Fifield <david () bamsoftware com>wrote:

> On Fri, Sep 23, 2011 at 09:02:47PM +0800, Xu Weilin wrote:
> > On Thu, Sep 22, 2011 at 10:14 AM, David Fifield <david () bamsoftware com
> > wrote:
> >
> > > On Mon, Sep 19, 2011 at 12:03:28PM -0700, David Fifield wrote:
> > > > I have just merged the IPv6 OS detection branch. What we need now are
> > > > fingerprint submissions in order to start training the engine. So far
> it
> > > > has a very small database and we need more submissions before making
> a
> > > > release. A summary the rest of this message:
> > > >
> > > > 1. Update your Subversion checkout.
> > > > 2. Run commands like these:
> > > >    # ./nmap -6 -v -O -F -e eth0 --script='targets-ipv6-*'
> > > --script-args=newtargets -oN os6-%D%T.nmap
> > > >    # ./nmap -6 -v -O -F scanme.nmap.org -oN os6-%D%T.nmap
> > > >    # ./nmap -6 -v -O ::1 -oN os6-%D%T.nmap
> > > > 3. Find the IPv6 OS fingerprints, find out exactly what operating
> > > >    systems the targets are running, and make submissions at
> > > >    http://insecure.org/cgi-bin/submit.cgi?new-os
> > >
> > > So far we've had 26 submissions! That's pretty good, even if 11 of them
> > > were from me. I would like to have about 100 for the initial database
> > > population.
> > >
> > > If you tried to do an IPv6 scan, and it didn't work, don't assume you
> > > did something wrong. It might be a bug (or something known not to be
> > > supported yet) so please send a report.
> >
> > I do have many IPv6 targets here in the LAN, but unfortunately the
> scanning
> > was aborted after I ran the first command.
> >
> > The screen output is as below.
> >
> > # ./nmap -6 -v -O -F -e eth0 --script='targets-ipv6-*'
> > --script-args=newtargets -oN os6-%D%T.nmap
> > ...
> > Completed SYN Stealth Scan at 20:43, 6.26s elapsed (6400 total ports)
> > nmap: FPEngine.cc:2201: virtual int FPHost6::callback(const u8*, size_t,
> > const timeval*): Assertion `time_sent.tv_sec > 0' failed.
> > Aborted
>
> Thanks for reporting this important information.
>
> Does this happen to you every time?

Yes, every time when I ran the first command


> Does it happen only when you scan many hosts at once? (From the output
> above I guess that the ping scan found 64 hosts.)

Maybe. The scripts 'targets-ipv6-*' totally found over 160 targets, then
nmap would scan them group by group.


> I have an idea of what is causing this (there are some relevant commits
> in r26199:26202 and r26229:26232 in /nmap-exp/luis/nmap-os6) but I will
> need some time to debug it.
>
> David Fifield

I've attached the output, it may help you.

-- 
Regards
Xu Weilin 许伟林

Attachment: fingerprint_all.txt
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/