Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 11 Feb 1999 16:47:47 +1030 (CST)
From:      Kris Kennaway <kkennawa@physics.adelaide.edu.au>
To:        The Hermit Hacker <scrappy@hub.org>
Cc:        freebsd-chat@FreeBSD.ORG
Subject:   Re: An Operating Systems Survey, of sorts...
Message-ID:  <Pine.OSF.4.05.9902111642360.31984-100000@bragg>
In-Reply-To: <Pine.BSF.4.05.9902110151310.385-100000@thelab.hub.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 11 Feb 1999, The Hermit Hacker wrote:

> > Look into nmap - it does a better job of identifying OS versions since it's
> > based on a larger number of tests. It would be interesting to see the results
> > of this, although the stats might be self-selected if, e.g., you have useful
> > OS-specific pages on your site (higher number of users accessing them using
> > that OS than from a random population sample).
> 
> Just looked at nmap, and...ack.  At least from the DESCR file, it
> basically pounds the hell out of each host to determine the information it
> requires.  I don't want to know what ports are open on each machine, nor
> do I want to set off each and every intrusion detection system out there
> :(

It just needs to find an open port (and a closed one, which it does by picking
a high-numbered random port which it hasn't discovered to be open). queso does
fingerprinting by attempting port 80 by default (as far as I remember), which
isn't necessarily going to be listened to.

You can tell nmap to just scan port 80 for fingerprinting purposes if you
wanted to, with the caveat that machines which aren't running a webserver
won't be fingerprinted.

Kris

-----
(ASP) Microsoft Corporation (MSFT) announced today that the release of its 
productivity suite, Office 2000, will be delayed until the first quarter
of 1901.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.4.05.9902111642360.31984-100000>