Re: Utility to guess a remote hosts operating system?

2004-06-23 Thread Jan Grant
On Wed, 23 Jun 2004, Edd wrote:

 My question is:

 Does such a utility exist? I know nmap can guess os, but it takes a few
 seconds and a port scan is needed first. Is there just a simply util
 that can tell me without the port scan?

How would that operate? Some kind of network fingerprinting is required.
If you can narrow down the parameters of your question (eg: I have a
network of windows machines and I'd like to figure out exact versions on
each one) then you might have more luck.

-- 
jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/
__/\/\_/\/|_ flatline
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Utility to guess a remote hosts operating system?

2004-06-23 Thread Remko Lodder
Jan Grant wrote:
On Wed, 23 Jun 2004, Edd wrote:

My question is:
Does such a utility exist? I know nmap can guess os, but it takes a few
seconds and a port scan is needed first. Is there just a simply util
that can tell me without the port scan?

How would that operate? Some kind of network fingerprinting is required.
If you can narrow down the parameters of your question (eg: I have a
network of windows machines and I'd like to figure out exact versions on
each one) then you might have more luck.
Hi Jan,Edd
Perhaps you mean something like:
p0f-2.0.3|/usr/ports/net-mgmt/p0f|/usr/local|Passive OS fingerprinting 
tool|/usr/ports/net-mgmt/p0f/pkg-descr|[EMAIL PROTECTED]|net-mgmt|||http://www.stearns.org/p0f/

Which was written by William Stearns (if you read this bill, HI!), and 
now maintained by Michal Zalewski (lcamtuf).

Try it ;-)
--
Kind regards,
Remko Lodder   |[EMAIL PROTECTED]
Reporter DSINet|[EMAIL PROTECTED]
Projectleader Mostly-Harmless  |[EMAIL PROTECTED]
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Utility to guess a remote hosts operating system?

2004-06-23 Thread peter lageotakes
--- Jan Grant [EMAIL PROTECTED] wrote:
 On Wed, 23 Jun 2004, Edd wrote:
 
  My question is:
 
  Does such a utility exist? I know nmap can guess
 os, but it takes a few
  seconds and a port scan is needed first. Is there
 just a simply util
  that can tell me without the port scan?
 
 How would that operate? Some kind of network
 fingerprinting is required.
 If you can narrow down the parameters of your
 question (eg: I have a
 network of windows machines and I'd like to figure
 out exact versions on
 each one) then you might have more luck.
 
 -- 
 jan grant, ILRT, University of Bristol.
 http://www.ilrt.bris.ac.uk/
 Tel +44(0)117 9287088 Fax +44 (0)117 9287112
 http://ioctl.org/jan/

__/\/\_/\/|_
 flatline
 ___
 [EMAIL PROTECTED] mailing list

http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to
 [EMAIL PROTECTED]
 

Passive OS fingerprinting tool
http://www.freebsd.org/cgi/ports.cgi?query=p0fstype=all

Here is a snip from the ports description:
Passive OS fingerprinting is based on information
coming from a remote host when it establishes a
connection to our system.  Captured packets contain
enough information to identify the operating system. 
In contrast to active scanners such as nmap and QueSO,
p0f does not send anything to the host being
identified.
Hope this helps



__
Do you Yahoo!?
Take Yahoo! Mail with you! Get it on your mobile phone.
http://mobile.yahoo.com/maildemo 
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]