[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: nmap strangeness



>>>>> "VR" == Viktor Rosenfeld <rosenfel@informatik.hu-berlin.de> writes:

    VR> Nate Amsden wrote:
    >> try portscanning as well as OS identification:
    >> 
    >> nmap -O -p 1-512 XXX.XXX.XXX.0/24

    VR> I'm curious, but isn't this redundant?  OS identification
    VR> works by portscanning, or am I missing something here.

OS fingerprinting uses characteristics of the TCP/IP stack itself to
detect the OS, rather than simply determining which services are
available.  See this document by Fyodor (the author of nmap) for more:

http://www.insecure.org/nmap/nmap-fingerprinting-article.html

-- 
"Pity has no place at my table."
      -- Dr Hannibal Lecter



Reply to: