Forwarded from: Fyodor <fyodor@private> On Tue, Oct 14, 2003 at 07:23:03AM -0500, InfoSec News wrote: > Forwarded from: Dragos Ruiu <dr@private> > [...] > Just a nit, but the -sV scan was first available in nmap 2.53 not > 3.45. Up until 3.45 it was a secondary patch that needed to be > applied. > > [...] > > It has just been finally recoded into c from c++ and put in the main > distribution. It has been improved a little and yes it is still cool. Actually these are two completely separate projects for adding version detection to Nmap. As you mentioned, Saurik's +V patch has been available for years and has proven itself quite useful on many occasions. It is probably the most popular external Nmap patch ever - mad props to Saurik! Yet I never added it to Nmap due to concerns about performance and maintainability. In addition to desiring parallelism and discreet signatures, I wanted to add support for UDP, IPv6, and cool features such as SSL-scanthrough. So I wrote the Nmap version detection engine (and the signature database) from scratch. My paper describing the system is available at http://www.insecure.org/nmap/versionscan.html . Cheers, Fyodor http://www.insecure.org - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Oct 15 2003 - 04:07:06 PDT