$Id: README,v 1.13 2001/10/20 15:23:55 fygrave Exp $
--
Xprobe - an ICMP fingerprinting tool.
An implementation of Ofir Arkin's ICMP fingerprinting:
http://www.sys-security.com/
[*] Requirements:
------------
You will need libpcap. If libpcap is not installed in a standard path,
use --with-libpcap-libraries=/path/ and --with-libcap-includes=/path
options.
[*] Supported platforms:
--------------------
The tool has been successfully compiled and tested on the following platforms:
FreeBSD 4.x (primary development platform)
Linux 2.0.x, 2.2.x, 2.4.x
Solaris 2.x
OpenBSD 2.x
NetBSD 1.4.x, 1.5.x
IRIX (with SGI freeware libpcap, http://freeware.sgi.com/, native SGI
compiler).
[*] Platforms which we are able to fingerprint:
-------------------------------------------
Based on static logic tree:
Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows ME
Microsoft Windows NT4 SP3 and below
Microsoft Windows NT4 SP4 and above
Microsoft Windows 2000 (as well as SP1 and SP2)
Microsoft Windows XP
Linux Kernel 2.0.x
Linux Kernel 2.2.x
Linux Kernel 2.4.x
FreeBSD 2.x-4.1, 4.1-4.3, 5.0 (future)
BSDI 2.x, 3.x, 4.x
NetBSD 1.x, 1.2.x, 1.3.x, 1.4.x, 1.5.x
OpenBSD 2.1-2.3, 2.4-2.5, 2.6-2.9
AIX 3.x & 4.x
Ultrix
Novell Netware
OpenVMS
HPUX 10.x, 11.x
MacOS 7.x-9.x
DGUX / Compaq Tru64
Sun Solaris 2.3-2.9
SunOS 4.x
IBM OS/390
NFR Appliance
Cabletron SSR 8000
Cisco Routers with IOS 11.x-12.x
Extreme Networks Switches
Based on signatures:
-------------------
[***]
[*] How to install:
---------------
tar xvfz xprobe-{release}.tar.gz
cd xprobe-{release}
./configure
(or ./configure --with-libpcap-libraries=/usr/local/lib --with-libcap-includes=/usr/local/include)
make
make install
Send complaints to fygrave@tigerteam.net if the compilation breaks (use
--enable-debug to track/report errors).
[*] How to use:
-----------
See the manual for details. A quick hint:
xprobe [options] hostname[/netmask] (and watch the output). :)
available options:
-h [guess?!] :)
-v be verbose
-i <interface> run on interface (needed if the wrong interface is chosen)
-p <portnum> use <portnum> udp port for udp probe.
-o logfile log everything into a logfile. (default: stderr).
-t timeout receive timeout (seconds)
[*] Docs & Updates
--------------
http://www.sys-security.com/html/projects/X.html
[*] Other related webpages
----------------------
http://www.notlsd.net/xprobe/
http://www.sourceforge.net/projects/xprobe/
http://xprobe.sourceforge.net/
[*] Where to mail bugs/questions/ideas/patches/fixes:
-------------------------------------------------
Fyodor Yarochkin <fygrave@tigerteam.net>
http://www.notlsd.net

Ofir Arkin <ofir@sys-security.com>
The Sys-Security Group
http://www.sys-security.com
[*] Flames:
-------
/dev/null