Xprobe2 0.2rc1 release, white paper release, and Blackhat presentation availability

From: Ofir Arkin (ofir@sys-security.com)
Date: Thu Aug 07 2003 - 12:08:49 PDT

Next message: Matt Zimmerman: "[SECURITY] [DSA-364-2] New man-db packages fix problem with DSA-364-1"

Previous message: Brewis, Mark: "Directory Traversal in Sun iPlanet Administration Server 5.1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We are pleased to announce the immediate availability of Xprobe2 v0.2  
rc1, which has been officially released at the Blackhat briefings USA  
2003.

Xprobe2 is a remote active operating system fingerprinting tool with a  
different approach to operating system fingerprinting. Information on  
Xprobe2’s technology can be obtained from [1] and [2].

The new version of Xprobe2 introduces enhancements and advancements in  
Xprobe2’s development.

Xprobe2 now includes:

- A TCP fingerprinting module (among the other fingerprinting modules  
the tool uses)
- A Port Scanner
- An automatic receive timeout for Xprobe2's different modules
- The ability to completely control the tool’s operation
- A newly built signature database with over 160 signatures
- And other enhancements and fixes

Xprobe2 is more accurate then ever before, and the only active  
operating system fingerprinting tool, which is able to uniquely  
identify Microsoft Windows 2000 Server SP3, Microsoft Windows 2000  
Server SP4, Microsoft Windows 2003 Server Enterprise Edition, and  
Microsoft Windows 2003 Standard Edition.

The source code of Xprobe2 v0.2 rc1 can be found at:
http://www.sys-security.com/archive/tools/xprobe2/xprobe2-0.2rc1.tar.gz

MD5: e97cf2f230408a1ade8a6769125159f3
SHA1: 63ab6bdf0f6869d8c51dc0d372a43d373c1043bd


Xprobe2’s new version release is accompanied by a white paper titled:  
“The Present and Future of Xprobe2 – The Next Generation of Active  
Operating System Fingerprinting”. The white paper includes a detailed  
description of the tool’s new features as well as a future development  
plan and many examples for the tool usage.

The white paper can be downloaded from:
http://www.sys-security.com/archive/papers/Present_and_Future_Xprobe2- 
v1.0.pdf


The presentation given at Blackhat USA 2003 and at Defcon 11 is  
available from:
http://www.sys-security.com/archive/blackhat/USA2003/ 
Ofir_Arkin_BH_USA_2003_v1.0.1.zip [~2.3mb]
http://www.sys-security.com/archive/blackhat/USA2003/ 
Ofir_Arkin_BH_USA_2003_v1.0.1.ppt [~3.3mb]



Yours
Xprobe2 development team,

Ofir Arkin [ofir@sys-security.com]
Founder
The Sys-Security Group
http://www.sys-security.com
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA


Fyodor Yarochkin [fygraveat_private]


Meder Kydyraliev [Mederat_private]



[1] http://www.sys-security.com/html/projects/X.html
[2] “xprobe2 - A 'Fuzzy' Approach to Remote Active Operating System  
Fingerprinting”, Ofir Arkin & Fyodor Yarochkin, August 2002,  
http://www.sys-security.com/archive/papers/Xprobe2.pdf

Next message: Matt Zimmerman: "[SECURITY] [DSA-364-2] New man-db packages fix problem with DSA-364-1"
Previous message: Brewis, Mark: "Directory Traversal in Sun iPlanet Administration Server 5.1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 08 2003 - 11:57:55 PDT