Nmap Development mailing list archives

Re: suggestion

From: Ron <iago () valhallalegends com>
Date: Tue, 23 Aug 2005 11:44:02 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It seems to me that it would make more sense to use p0f for that purpose.

John Hally wrote:

Hello All,

 

What about doing something similar to p0f?  I'm thinking of a daemon option
that watches a span port and dumps out the info to text/sql/whatever.  The
idea I'm thinking of is tying this into ids (snort) alerts to help cut down
on time. (ie, a windows attack to a linux box is obviously low priority)
Possibly down the road becoming a passive vulnerability 'scanner'.  Just a
thought..

 

Thanks!



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.9.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDC1JRfqSf2EkP4p4RAhSnAJ436E8CTo3q/CM4nDKvnYfxam0P6ACeN1Jm
uHaZiKAK6jCk9D95XxqF7iM=
=3tyi
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

Current thread:

suggestion John Hally (Aug 22)
- Re: suggestion Ron (Aug 23)