Nmap Development mailing list archives

Re: OS fingerprint extraction quality when scanning a large number of machines

From: David Fifield <david () bamsoftware com>
Date: Thu, 18 Dec 2008 22:02:56 -0700

On Thu, Dec 18, 2008 at 05:16:29PM -0000, Rob Nicholls wrote:

Thanks for your testing. A couple of hosts out of 127 is not so bad
considering what we had been seeing: only one out of 20 or 30 hosts
returning useful results.


I'm afraid there were only 7 live hosts in that range, one of which was
mine, so I typically saw 4 "good" and 2 "bad" fingerprints. I probably
won't get a chance to do more testing until sometime tomorrow, but will
try it using 4.76, r11420 and r11421 to see if there are any differences
between them. The tests appeared to be quite repeatable, and I didn't
notice much of a difference when I ran one using 4.76. I'll also try a few
tweaks to the commandline options to see what differences that makes.


When you're doing that please try
        --max-hostgroup 10
and
        --max-parallelism 10

Try different numbers in place of 10 until you get good results. We may
have to reduce the speed of OS scanning and we'll need an idea of how
much to reduce it.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Re: OS fingerprint extraction quality when scanning a large number of machines, (continued)
- - Re: OS fingerprint extraction quality when scanning a large number of machines David Fifield (Dec 17)
    - Re: OS fingerprint extraction quality when scanning a large number of machines Michael Head (Dec 17)
    - Re: OS fingerprint extraction quality when scanning a large number of machines David Fifield (Dec 17)
    - Re: OS fingerprint extraction quality when scanning a large number of machines Michael Head (Dec 18)
    - Re: OS fingerprint extraction quality when scanning a large number of machines Rob Nicholls (Dec 18)
    - Re: OS fingerprint extraction quality when scanning a large number of machines David Fifield (Dec 18)
    - Re: OS fingerprint extraction quality when scanning a large number of machines Rob Nicholls (Dec 18)
    - Re: OS fingerprint extraction quality when scanning a large number of machines Brandon Enright (Dec 18)
    - Re: OS fingerprint extraction quality when scanning a large number of machines David Fifield (Dec 18)
    - Re: OS fingerprint extraction quality when scanning a large number of machines Brandon Enright (Dec 18)
    - Re: OS fingerprint extraction quality when scanning a large number of machines David Fifield (Dec 18)
- Re: OS fingerprint extraction quality when scanning a large number of machines Giorgio Zoppi (Dec 18)
  - Re: OS fingerprint extraction quality when scanning a large number of machines Michael Head (Dec 18)
  - Re: OS fingerprint extraction quality when scanning a large number of machines Brandon Enright (Dec 18)
- Re: OS fingerprint extraction quality -- solved in r11437 David Fifield (Dec 19)
  - Re: OS fingerprint extraction quality -- solved in r11437 Rob Nicholls (Dec 19)
    - Re: OS fingerprint extraction quality -- solved in r11437 Rob Nicholls (Dec 20)
  - Re: OS fingerprint extraction quality -- solved in r11437 Michael Head (Dec 19)