We would like to announce the availability of Xprobe version 0.0.2. You can download our latest version from: http://www.sys-security.com/archive/tools/X/xprobe-0.0.2.tar.gz Written and maintained by Fyodor Yarochkin and Ofir Arkin, Xprobe is an Active OS fingerprinting tool based on Ofir Arkin's ICMP Usage in Scanning Research project (http://www.sys-security.com). Supported Platforms: - Linux Kernel 2.0.x, 2.2.x, 2.4.x - FreeBSD 4.x - NetBSD 1.4.x, 1.5.x - OpenBSD 2.x - Sun Solaris 2.x - IRIX Dependencies: libpcap Changes from version 0.0.1p1: - Fixed a bug that prevented the correct identification of Microsoft Windows ME and Microsoft Windows 98/98SE. - A logging option have been added using the -o <file> option you can now log the results to a file for further processing. - You can now specify a receiving time out using the -t option. - Added support for IBM OS/390, SunOS 4.x, and Microsoft Windows XP (TCP/IP stack is looking exactly the same as with Microsoft Windows 2000, with ICMP). - Added support for compilation under IRIX. - Bugs and Code sweeps were performed. - The tool and the man page now carry the name of Xprobe. Documentation: Xprobe is documented in a white paper we released called "X remote ICMP based OS fingerprinting techniques" (X is the logic behind the tool), available from http://www.sys-security.com/html/projects/X.html. Known Limitations: Xprobe 0.0.2 identifies a limited number of operating systems (all current operating system included) and networking devices (a full list is available in the README file). We are planning to release version 0.1 which will support a signature database in the Black Hat Briefings Europe 2001 held in the Krasnapolsky Hotel in Amsterdam 21-22 November 2001 (http://www.blackhat.com). How to use: See manual for details. A quick hint: xprobe [options] hostname[/netmask] (and watch the output). available options: -h [help] -v be verbose -i <interface> run on interface (needed if wrong interface is choosen) -p <portnum> use <portnum> udp port for udp probe. -o logfile log everything into a logfile. (default: stderr). -t timeout receive timeout (seconds) Fyodor Yarochkin fygraveat_private Ofir Arkin [ofir@sys-security.com] Founder The Sys-Security Group http://www.sys-security.com PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA
This archive was generated by hypermail 2b30 : Wed Oct 24 2001 - 18:19:20 PDT