From owner-freebsd-chat Wed Feb 10 22:05:06 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA28096 for freebsd-chat-outgoing; Wed, 10 Feb 1999 22:05:06 -0800 (PST) (envelope-from owner-freebsd-chat@FreeBSD.ORG) Received: from thelab.hub.org (nat0716.mpoweredpc.net [142.177.190.208]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA28082 for ; Wed, 10 Feb 1999 22:05:02 -0800 (PST) (envelope-from scrappy@hub.org) Received: from localhost (scrappy@localhost) by thelab.hub.org (8.9.2/8.9.1) with ESMTP id CAA09689; Thu, 11 Feb 1999 02:04:53 -0400 (AST) (envelope-from scrappy@hub.org) X-Authentication-Warning: thelab.hub.org: scrappy owned process doing -bs Date: Thu, 11 Feb 1999 02:04:52 -0400 (AST) From: The Hermit Hacker To: Kris Kennaway cc: freebsd-chat@FreeBSD.ORG Subject: Re: An Operating Systems Survey, of sorts... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 11 Feb 1999, Kris Kennaway wrote: > On Wed, 10 Feb 1999, The Hermit Hacker wrote: > > > I ran across QueSO today, and was so intrigued by it that I built up a > > quick script to scan through my WWW logs, using it to determine who is > > running what. The script just started, so there are only just over 500 > > hosts listed so far (the log file I"m reading has 269,000 distinct IPs, do > > it has a ways to go), but if anyone is interested in these sorts of stats, > > check out: > > Look into nmap - it does a better job of identifying OS versions since it's > based on a larger number of tests. It would be interesting to see the results > of this, although the stats might be self-selected if, e.g., you have useful > OS-specific pages on your site (higher number of users accessing them using > that OS than from a random population sample). Just looked at nmap, and...ack. At least from the DESCR file, it basically pounds the hell out of each host to determine the information it requires. I don't want to know what ports are open on each machine, nor do I want to set off each and every intrusion detection system out there :( I may have missed something, but the man page doesn't seem to indicate a way of *just* doing the fingerprinting...its an extra :( Nice program though, tried it out on one of my hosts and the results it gives back are quite impressive... Marc G. Fournier Systems Administrator @ hub.org primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message