Nmap Development mailing list archives
suggestion
From: John Hally <JHally () epnet com>
Date: Mon, 22 Aug 2005 08:55:53 -0400
Hello All, What about doing something similar to p0f? I'm thinking of a daemon option that watches a span port and dumps out the info to text/sql/whatever. The idea I'm thinking of is tying this into ids (snort) alerts to help cut down on time. (ie, a windows attack to a linux box is obviously low priority) Possibly down the road becoming a passive vulnerability 'scanner'. Just a thought.. Thanks! _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- suggestion John Hally (Aug 22)
- Re: suggestion Ron (Aug 23)