I also recall a tool that did the same for BIND servers but I can't remember its name right now.
On Monday, February 3, 2003, at 11:22 PM, Anders Thulin wrote:
Hi!
Fingerprinting a TCP stack seems a fairly well understood technique by
now, and there are several tools, more or less developed, for
the task: nmap, ring, ICMP-based techniques, etc.
A recent glance over the output from a dozen different finger
servers suggests that fingerprinting might be done fairly well on
application level, too, although possibly not always as exactly as
for TCP/IP-based techniques: applications are easier to move around
than TCP stacks are.
Have there been any attempts to explore this area further?
I've googled around, but not found anything obvious, except
for observations of some fingerprints, such as responses to
DNS SERVER_STATUS_REQUEST (a few respond with something else
than 'not implemented'), and so on.
-- Anders Thulin [EMAIL PROTECTED] 040-661 50 63
Ki Consulting AB, Box 85, SE-201 20 Malm�, Sweden
----------------------------------------------------------------------- -----
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
--- Bill Pennington, CISSP, CCNA Senior Information Security Engineer WhiteHat Security Inc. http://www.whitehatsec.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
