Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: portspoof IDS trouble

From: Jay Bosamiya <jaybosamiya () gmail com>
Date: Tue, 24 Jun 2014 19:23:55 +0530
List,

I wrote a patch (attached) that does this. Using --forget-after X makes
Nmap forget any host that has more than X open ports.
This patch may need improvement and testing before it can be considered
for inclusion and so I have marked the option as experimental.
However, I am posting this since Andrew (and others who come across
hosts with portspoof) might find this useful.

Cheers,
Jay

On Tuesday 03 June 2014 08:11 PM, Henri Doreau wrote:

A possible approach is to patch nmap to make it forget about every
host that have more than X (or X%) of open ports. That would be a nice
contribution actually! Would you or one of our GSoC feature creepers
be interested? If not I have such a patch somewhere but it would need
some improvement before it can be considered for inclusion.

Attachment: forgetAfter.patch
Description: 

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: