From owner-freebsd-chat  Wed Feb 10 22:30:05 1999
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id WAA00302
          for freebsd-chat-outgoing; Wed, 10 Feb 1999 22:30:05 -0800 (PST)
          (envelope-from owner-freebsd-chat@FreeBSD.ORG)
Received: from adelphi.physics.adelaide.edu.au (adelphi.physics.adelaide.edu.au [129.127.36.247])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA00282
          for <freebsd-chat@FreeBSD.ORG>; Wed, 10 Feb 1999 22:30:01 -0800 (PST)
          (envelope-from kkennawa@physics.adelaide.edu.au)
Received: from bragg (bragg [129.127.36.34])
	by adelphi.physics.adelaide.edu.au (8.8.8/8.8.8/UofA-1.5) with SMTP id QAA05008;
	Thu, 11 Feb 1999 16:47:54 +1030 (CST)
Received: from localhost by bragg; (5.65/1.1.8.2/05Aug95-0227PM)
	id AA32256; Thu, 11 Feb 1999 16:47:48 +1030
Date: Thu, 11 Feb 1999 16:47:47 +1030 (CST)
From: Kris Kennaway <kkennawa@physics.adelaide.edu.au>
X-Sender: kkennawa@bragg
To: The Hermit Hacker <scrappy@hub.org>
Cc: freebsd-chat@FreeBSD.ORG
Subject: Re: An Operating Systems Survey, of sorts...
In-Reply-To: <Pine.BSF.4.05.9902110151310.385-100000@thelab.hub.org>
Message-Id: <Pine.OSF.4.05.9902111642360.31984-100000@bragg>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 11 Feb 1999, The Hermit Hacker wrote:

> > Look into nmap - it does a better job of identifying OS versions since it's
> > based on a larger number of tests. It would be interesting to see the results
> > of this, although the stats might be self-selected if, e.g., you have useful
> > OS-specific pages on your site (higher number of users accessing them using
> > that OS than from a random population sample).
> 
> Just looked at nmap, and...ack.  At least from the DESCR file, it
> basically pounds the hell out of each host to determine the information it
> requires.  I don't want to know what ports are open on each machine, nor
> do I want to set off each and every intrusion detection system out there
> :(

It just needs to find an open port (and a closed one, which it does by picking
a high-numbered random port which it hasn't discovered to be open). queso does
fingerprinting by attempting port 80 by default (as far as I remember), which
isn't necessarily going to be listened to.

You can tell nmap to just scan port 80 for fingerprinting purposes if you
wanted to, with the caveat that machines which aren't running a webserver
won't be fingerprinted.

Kris

-----
(ASP) Microsoft Corporation (MSFT) announced today that the release of its 
productivity suite, Office 2000, will be delayed until the first quarter
of 1901.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message