linux, säkerhet

6790992 2001-07-24 22:06 +0200  /89 rader/ Ofir Arkin <ofir@sys-security.com>
Sänt av: joel@lysator.liu.se
Importerad: 2001-07-24  21:45  av Brevbäraren
Extern mottagare: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
Mottagare: Bugtraq (import) <18309>
Ärende: Xprobe 0.0.1p1
------------------------------------------------------------
From: "Ofir Arkin" <ofir@sys-security.com>
To: "Bugtraq List" <BUGTRAQ@SECURITYFOCUS.COM>
Message-ID: <000801c1147c$21949390$01000001@godfather>

Xprobe written and maintained by Fyodor Yarochkin
<fygrave@tigerteam.net> and Ofir Arkin <ofir@sys-security.com>, is a
simple, fast, and efficient remote active operating system
fingerprinting tool based on Ofir Arkin's research with the "ICMP
Protocol Usage in Scanning". 


Documentation A white paper on Xprobe will be published soon. In the
mean time you can download one of the following presentations titled
"X - Playing Tricks with ICMP" given at the last Black Hat Briefings,
and Defcon 9.

You can download Ofir Arkin's presentation [.ppt format] given at the
Black Hat Briefings July 2001, from:
http://www.sys-security.com/archive/conferences/blackhat/july2001/X-BH_J
uly_01-Rev1.5-OfficeXP-FINAL.zip [~5.64mb]

You can download Ofir Arkin's presentation [.ppt format] given at
Defcon 9 July 2001, from:
http://www.sys-security.com/archive/conferences/defcon/defcon9/X-Defcon9
-Rev1.0-OfficeXP.zip  [~9.68mb]


Supported Platforms:
Linux 2.0.x/2.2.x/2.4.x 
FreeBSD 4.x (primary development platform)
OpenBSD 2.x
NetBSD 1.?x
Sun Solaris 2.x

Other Platforms? Testing, and feedback is welcomed


License:
Copyright (C) 2001 Fyodor Yarochkin, Ofir Arkin. 

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version.

All material for nonprofit, educational use only. 

This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
USA.


Additional Requirements
libpcap <ftp://ftp.ee.lbl.gov/libpcap-0.4.tar.Z or
http://www.tcpdump.org>


Examples
x [options] hostname (and watch the output)

Available options:

-h [guess?!] :)
-v be verbose
-i <interface> run on interface (needed if wrong interface is chosen)
-p <portnum>   use <portnum> udp port for udp probe.


X Official Home
http://www.sys-security.com/html/projects/X.html

Development
http://www.sourceforge.net/projects/xprobe/
http://xprobe.sourceforge.net/
http://www.notlsd.net/xprobe/


Ofir Arkin [ofir@sys-security.com]
Founder
The Sys-Security Group
http://www.sys-security.com
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA
(6790992) /Ofir Arkin <ofir@sys-security.com>/(Ombruten)