Utility to guess a remote hosts operating system?
My question is: Does such a utility exist? I know nmap can guess os, but it takes a few seconds and a port scan is needed first. Is there just a simply util that can tell me without the port scan? Thanks! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Utility to guess a remote hosts operating system?
On Wed, 23 Jun 2004, Edd wrote: > My question is: > > Does such a utility exist? I know nmap can guess os, but it takes a few > seconds and a port scan is needed first. Is there just a simply util > that can tell me without the port scan? How would that operate? Some kind of network fingerprinting is required. If you can narrow down the parameters of your question (eg: I have a network of windows machines and I'd like to figure out exact versions on each one) then you might have more luck. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ __/\/\_/\/|_ flatline ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Utility to guess a remote hosts operating system?
Jan Grant wrote: On Wed, 23 Jun 2004, Edd wrote: My question is: Does such a utility exist? I know nmap can guess os, but it takes a few seconds and a port scan is needed first. Is there just a simply util that can tell me without the port scan? How would that operate? Some kind of network fingerprinting is required. If you can narrow down the parameters of your question (eg: I have a network of windows machines and I'd like to figure out exact versions on each one) then you might have more luck. Hi Jan,Edd Perhaps you mean something like: p0f-2.0.3|/usr/ports/net-mgmt/p0f|/usr/local|Passive OS fingerprinting tool|/usr/ports/net-mgmt/p0f/pkg-descr|[EMAIL PROTECTED]|net-mgmt|||http://www.stearns.org/p0f/ Which was written by William Stearns (if you read this bill, HI!), and now maintained by Michal Zalewski (lcamtuf). Try it ;-) -- Kind regards, Remko Lodder |[EMAIL PROTECTED] Reporter DSINet|[EMAIL PROTECTED] Projectleader Mostly-Harmless |[EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Utility to guess a remote hosts operating system?
--- Jan Grant <[EMAIL PROTECTED]> wrote: > On Wed, 23 Jun 2004, Edd wrote: > > > My question is: > > > > Does such a utility exist? I know nmap can guess > os, but it takes a few > > seconds and a port scan is needed first. Is there > just a simply util > > that can tell me without the port scan? > > How would that operate? Some kind of network > fingerprinting is required. > If you can narrow down the parameters of your > question (eg: I have a > network of windows machines and I'd like to figure > out exact versions on > each one) then you might have more luck. > > -- > jan grant, ILRT, University of Bristol. > http://www.ilrt.bris.ac.uk/ > Tel +44(0)117 9287088 Fax +44 (0)117 9287112 > http://ioctl.org/jan/ > __/\/\_/\/|_ > flatline > ___ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > "Passive OS fingerprinting tool" http://www.freebsd.org/cgi/ports.cgi?query=p0f&stype=all Here is a snip from the ports description: "Passive OS fingerprinting is based on information coming from a remote host when it establishes a connection to our system. Captured packets contain enough information to identify the operating system. In contrast to active scanners such as nmap and QueSO, p0f does not send anything to the host being identified." Hope this helps __ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
