Release v1.2 of Disco - Passive IP Discovery and fingerprinting tool available for download. Disco is a passive IP discovery utility designed to uniquely identify source IPs and fingerprint TCP SYN and now TCP SYNACK packets for host OS. Disco Features * Uniquely identify source IPs on the network * Toggle discovery of only TCP SYN or SYNACK packets and fingerprint * Ability to toggle fingerprint on/off * Output data to a flat text file * Define TCPDUMP style rules to filter on a subnet or range of IPs * Able to turn "uniqueness" off when fingerprinting for fingerprinting all TCP SYN or SYNACK packets * Parse a previously saved TCPDUMP file through DISCO * Option to add a system timestamp to output file * Pipe output to another program * New v1.2 Option to fingerprint SYNACK packets * New v1.2 Option to output more verbose fingerprint info to outfile * New v1.2 Added a ton of new fingerprints (1214 SYN/SYNACK fingerprints total) See http://www.altmode.com/disco for download Thanks, Preston --------------------------------------------------------------------------- The Lightning Console aggregates IDS events, correlates them with vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users. Visit Tenable Network Security at http://www.tenablesecurity.com to learn more. ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Jul 09 2003 - 10:27:20 PDT