Xprobe, written and maintained by Fyodor Yarochkin <fygraveat_private> and Ofir Arkin <ofir@sys-security.com>, is a simple, fast, and efficient remote active operating system fingerprinting tool based on Ofir Arkin's research with the "ICMP Protocol Usage in Scanning".

Documentation

A white paper on Xprobe will be published soon. In the meantime you can download one of the following presentations titled "X - Playing Tricks with ICMP" given at the last Black Hat Briefings, and Defcon 9.

You can download Ofir Arkin's presentation [.ppt format] given at the Black Hat Briefings July 2001, from:
http://www.sys-security.com/archive/conferences/blackhat/july2001/X-BH_July_01-Rev1.5-OfficeXP-FINAL.zip [~5.64mb]

You can download Ofir Arkin's presentation [.ppt format] given at Defcon 9 July 2001, from:
http://www.sys-security.com/archive/conferences/defcon/defcon9/X-Defcon9-Rev1.0-OfficeXP.zip [~9.68mb]

Supported Platforms:

    Linux 2.0.x/2.2.x/2.4.x
    FreeBSD 4.x (primary development platform)
    OpenBSD 2.x
    NetBSD 1.?x
    Sun Solaris 2.x

Other Platforms? Testing, and feedback is welcomed

License:

Copyright (C) 2001 Fyodor Yarochkin, Ofir Arkin.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

All material for nonprofit, educational use only.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

Additional Requirements

    libpcap <ftp://ftp.ee.lbl.gov/libpcap-0.4.tar.Z or http://www.tcpdump.org>

Examples

    x [options] hostname

(and watch the output)

Available options:

    -h              [guess?!] :)
    -v              be verbose
    -i <interface>  run on interface (needed if wrong interface is chosen)
    -p <portnum>    use <portnum> udp port for udp probe.

X Official Home

    http://www.sys-security.com/html/projects/X.html

Development

    http://www.sourceforge.net/projects/xprobe/
    http://xprobe.sourceforge.net/
    http://www.notlsd.net/xprobe/

Ofir Arkin [ofir@sys-security.com]
Founder
The Sys-Security Group
http://www.sys-security.com
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 12:53:34 PDT