> I came up with a bunch of hosts which nMap classifies as > 'unknown', but with predictable TCP Sqeuence(s). Try passive OS fingerprinting. Personally I like siphon (although it's OS database is a bit outdated, but you can easily add new OSes) but there are other tools. Also run sniffer and look for connection to you hosts. If you find one consider hijacking it. This will also reveal some open ports. nmap can be very flexible in port scanning - try packet fragmentation and source port options (-f and -g). Also try rpc and null scans. Just my two cents. Regards, Alex Czarnowski AVET INS
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
