Nmap Announce mailing list archives
Re: NMAP Identity obscuring
From: Dug Song <dugsong () monkey org>
Date: Wed, 22 Nov 2000 14:58:09 -0500
On Wed, Nov 22, 2000 at 09:58:57AM -0800, lamont () icopyright com wrote:
once upon a time i wrote a program called tft.c that tested tcp flags by running through all 64 combinations of flags (i didn't include X+Y) and checking what kind of packets came back.
but this still only tests a TCP in CLOSED or LISTEN... i've met a few ppl now who've written TCP fingerprinting tools that walk through all the states. you know who you are. ;-) i wish you guys would publish your code already (or your paper, at least), so the rest of us don't have to reinvent the wheel! -d. --- http://www.monkey.org/~dugsong/ -------------------------------------------------- For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- NMAP Identity obscuring Cameron Palmer (Nov 05)
- RE: NMAP Identity obscuring Ofir Arkin (Nov 23)
- RE: NMAP Identity obscuring lamont (Nov 23)
- Re: NMAP Identity obscuring Dug Song (Nov 23)
- Re: NMAP Identity obscuring Cameron L Palmer (Nov 25)
- RE: NMAP Identity obscuring Mike Batchelor (Nov 26)
- RE: NMAP Identity obscuring lamont (Nov 23)
- <Possible follow-ups>
- RE: NMAP Identity obscuring Oliver Friedrichs (Nov 23)
- RE: NMAP Identity obscuring Ofir Arkin (Nov 23)