Nmap Development mailing list archives
Re: OS detection
From: Fyodor <fyodor () insecure org>
Date: Thu, 19 Dec 2002 23:28:04 -0800
On Thu, Dec 19, 2002 at 09:39:39PM +0100, R Anderson wrote:
Has anybody tried putting Ofir Arkin's xprobe OS-detection into nmap? Would there be any technical or political problems? Wouldn't it be worth the effort?
I have quietly added a number of new tests in the last year, although most of them involve new ways of interpreting the probe responses Nmap already receives. I would like to add new tests, but want to do so all at once when I have time to put out a request for comments and have some discussions about the pros and cons of each test. I have a lot of ideas, but I also hope other users and developers will be able to suggest novel tests. I certainly wouldn't restrict the new tests to just those from Xprobe, but wouldn't exclude them either. This is on my list projects I hope to do in '03.
- If possible and applicable, merge the databases to some extent.
Why? The latest Nmap DB has 699 fingerprints. The latest Xprobe (2.01rc1) contains 18. Xprobe is certainly an interesting proof of concept, and I am always glad to see other work in this area. But I wonder how many people here actually use Xprobe on a regular basis? If so, I would love to hear about the value it presents to you over Nmap.
- The database matching should be compatible with older entries (without xprobe tests) - As time goes by, more complete entries will fill the database
Indeed. Fortunately, this and other "upgrade-path" behavior already exists in Nmap. I just haven't had time to decide on new tests to add. Besides -- the current ones seem to be working rather well and having too many tests can cause its own problems. Instead of adding a bunch of nifty new wiz-bang tests, I have been working to improve and expand the results DB. Cheers, Fyodor --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- OS detection R Anderson (Dec 19)
- Re: OS detection Fyodor (Dec 19)