Re: usual iploggers miss some variable stealth scans

Subject: Re: usual iploggers miss some variable stealth scans
From: Ralf Laue (rlaueVIRBUS.DE)
Date: Fri Jan 21 2000 - 03:06:15 CST

• Next message: Pedro Hugo: "Re: Security Issues with HIGHSPEEDWEB.NET leased servers"
• Previous message: Brian Mueller: "Re: Security Issues with HIGHSPEEDWEB.NET leased servers"
• In reply to: Oliver Friedrichs: "Re: usual iploggers miss some variable stealth scans"
• Next in thread: antirez: "Re: usual iploggers miss some variable stealth scans"
• Next in thread: Andrea Gho: "Re: usual iploggers miss some variable stealth scans"
• Reply: Ralf Laue: "Re: usual iploggers miss some variable stealth scans"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Oliver Friedrichs wrote:

> You'd be suprised at how untrue this is (the "often" part). While much
> of whats publically available may do this, there are many other
> variables in a stack unrelated to TCP state that can be used to identify
> an OS - and are also virtually impossible for someone to fix...

An interesting open source tool for identifying the target OS can be
found at:
http://www.apostols.org/projectz/queso/

• Next message: Pedro Hugo: "Re: Security Issues with HIGHSPEEDWEB.NET leased servers"
• Previous message: Brian Mueller: "Re: Security Issues with HIGHSPEEDWEB.NET leased servers"
• In reply to: Oliver Friedrichs: "Re: usual iploggers miss some variable stealth scans"
• Next in thread: antirez: "Re: usual iploggers miss some variable stealth scans"
• Next in thread: Andrea Gho: "Re: usual iploggers miss some variable stealth scans"
• Reply: Ralf Laue: "Re: usual iploggers miss some variable stealth scans"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b27 : Fri Jan 21 2000 - 19:24:35 CST