Nmap Development mailing list archives
[Patch] Improving OS Detection
From: Jay Bosamiya <jaybosamiya () gmail com>
Date: Fri, 04 Jul 2014 12:16:14 +0530
Hi All! During OS detection, Nmap choses one open TCP port, one closed TCP port and one closed UDP port to work with. However, if the chosen open TCP port is "tcpwrapped" (possibly due to a firewall), we may sometimes not get accurate results. To get past this, we can choose another open port to work with (since we only need an open port, the actual port doesn't matter). The attached patch does this. I have tested this using multiple VMs with different OSs installed (both with and without tcpwrapping (using tcpd) and using differing port ranges too). All tests pass. Cheers, Jay PS: With the current usage of the PortList::isTCPwrapped() function, the o.debugging>1 messages will NEVER appear but they are there to facilitate debugging if the function is used elsewhere at some point of time.
Attachment:
osDetectionTCPwrapped.patch
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [Patch] Improving OS Detection Jay Bosamiya (Jul 03)
- Re: [Patch] Improving OS Detection Daniel Miller (Jul 04)
- Re: [Patch] Improving OS Detection John (Jul 07)
- Re: [Patch] Improving OS Detection john (Jul 07)
- Re: [Patch] Improving OS Detection John (Jul 07)
- Re: [Patch] Improving OS Detection John (Jul 07)
- Re: [Patch] Improving OS Detection Daniel Miller (Jul 29)
- Re: [Patch] Improving OS Detection Daniel Miller (Jul 04)