Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

April 2010 OS detection highlights

From: David Fifield <david () bamsoftware com>
Date: Mon, 26 Apr 2010 09:18:59 -0600
Here are highlights from the latest round of OS signature submissions,
up until April 20, 2010.

Line count went from 42009 to 46661 (+4652, +11%).
Fingerprint count went from 2346 to 2607 (+261, +11%).

New vendors:
Aerohive, Areca, Asmax, Atari, BECK, Boundless Technologies, DMP,
Enistic, Excito, Hirschmann, Iomega, Kapsch, Koukaam, Luminary Micro,
Mapower, McAfee, Nashuatec, Ness, Printronix, QEMU, Source Technologies,
Thecus, Vodafone, Zhone, ZoneAlarm, m3.
Removed vendors:
Chumby, FON, Swisscom, Ubiquiti.

We got a bunch of old Microsoft operating systems this time:

Fingerprint Microsoft Network Client 3.0 for MS-DOS
Class Microsoft | MS-DOS || general purpose
        This is the first MS-DOS fingerprint we have. Network Client is
        some networking tools for DOS.
        http://technet.microsoft.com/en-us/library/cc750214.aspx
Fingerprint Microsoft Windows 3.1 with Trumpet WinSock
Class Microsoft | Windows | 3.X | general purpose
        A TCP/IP stack for another OS that wasn't meant to have one.
Fingerprint Microsoft Windows NT 3.1
Class Microsoft | Windows | NT | general purpose
        Our first Windows NT 3 fingerprint. NT 3.1 is from 1993.

Fingerprint Apple iPad tablet computer (iPhone OS 3.2)
Class Apple | iPhone OS | 3.X | general purpose
        We only got submission for the iPad, so it's nto clear yet if it
        will remain distinct or be merged with other iPhone OS entries.

Fingerprint Cisco 880 or 3750 switch (IOS 12.2 - 15.0)
Class Cisco | IOS | 12.X | switch
Class Cisco | IOS | 15.X | switch
        Cisco skipped versions 13 and 14. This web page says it's
        because those numbers are unlucky.
        http://www.networkstraining.com/cisco-ios-jumps-from-version-12-to-version-15/

Also, we have new prints for Linux 2.6.33, OpenBSD 4.6, and Mac OS X
10.6.3, not too many yet though.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: