Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OS integration highlights

From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 27 Jun 2013 16:01:51 -0500
David,
Have you documented the process of integrating fingerprint submissions anywhere? I'd like to get an understanding of how the data are combined and ordered, and it would make a good continuity document to increase the project's bus depth[1]. Just something to think about. Thanks for all the hard work! 

Dan
[1] bus depth (n) - The number of people that can be hit by a bus before a project is doomed. 

On 06/27/2013 03:37 PM, David Fifield wrote:

I recently finished a round of 1,300 OS fingerprint submissions
since January 2013. Here is a summary of how the database changed.

Line count went from 76523 to 78267 (+1744, +2%).
Fingerprint count went from 4027 to 4118 (+91, +2%).

New vendor/family combinations:
DEC DECserver, Lantronix Linux, Meinberg Linux, NTT embedded, Oracle
Solaris, RIM BlackBerry, Sandstrom embedded, Tenda VxWorks, Vocality
embedded, WebSense Linux.

The increase in size is less than it has been in previous rounds. I'm
becoming more aggressive in combining fingerprints for different
configurations of Linux especially. For whatever reason, the vast
majority of submissions are redundant Linux submissions.

Interesting new fingerprints:

Fingerprint Linux 3.7 - 3.9
        It appears to be possible to distinguish Linux 3.7 from earlier
        versions. There is a new quite large MSS of FFD7 in some cases,
        and a distinctive window size of AAAA.
        OPS(O1=MFFD7ST11NW7%O2=MFFD7ST11NW7%O3=MFFD7NNT11NW7%O4=MFFD7ST11NW7%O5=MFFD7ST11NW7%O6=MFFD7ST11)
        WIN(W1=AAAA%W2=AAAA%W3=AAAA%W4=AAAA%W5=AAAA%W6=AAAA)

Fingerprint IBM AIX 7.1

Plus AIX 7.1, OpenBSD 5.3, iOS 6.1.

David Fifield
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/



_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: