Xprobe 0.2.1 Released
The xprobe2 development team is pleased to announce the immediate
availability of Xprobe2 v0.2.1. Xprobe2 is a remote active operating
system fingerprinting tool which uses advanced techniques, some which
where first to be introduced with Xprobe2, such as the usage of
statistical analysis ('fuzzy logic') to match between probe response(s)
to its signature database and others, in order to provide with accurate
results regarding the underlying operating system of a probed
element(s).
Version 0.2.1 fixes a number of bugs and introduces more features:
- Port scanning is now available through the usage of the -T (TCP) and
-U (UDP) command line options
- Added the -B command line option ('blind port guess') used for
searching an open TCP port among the following ports: 80, 21, 25, 22,
139
- Fixed timeouts and made pcap_next() nonblocking, as it was causing
problems on linux
- Fixed problem that occurs when localhost does not resolve (set_dst()
in IP::IP(const char*))
- Include XSD schema with distribution and make our XML comply with
that XSD
- patricklang@xxxxxxxxxxxxxxx's fixes that would port Xprobe2 to MacOSX
(destructors, endiannes, config.* stuff)
- moved SHA1 into xplib/ will be needed by burst module
- loopback (lo) is now supported
- dump select() in sniffpack() as it is not portable
- Fixed terminating " error that we were getting w/ gcc 3.x
- Fixed error handling in xp_get_src_addr()
Significant additions of signatures into the signature database:
- FreeBSD 5.3; 5.2.1; 5.2; 4.10; 4.9
- Linux Kernel 2.6.9; 2.6.8; 2.6.7; 2.6.6; 2.6.5; 2.6.4; 2.6.3; 2.6.2;
2.6.1; 2.6.0
- Linux Kernel 2.4.28; 2.4.27; 2.4.26; 2.4.25; 2.4.24; 2.4.23; 2.4.22
- Linux Kernel 2.2.26
- Microsoft Windows XP SP2
- NetBSD 2.0; 1.6.2
- OpenBSD 3.6; 3.5; 3.4
- Sun Solaris 10
The new version of xprobe2 can be downloaded from:
http://www.sys-security.com/html/tools/tools.html
SHA-1: bbe78c7c5c4f877cf3a230709121897670be1ec6
MD5: aaddb4bf793ef573b7fb43ee91bb2224
Yours,
The Xprobe2 development team,
Fyodor Yarochkin (fyodor at (nospam) o0o dot nu)
Ofir Arkin (ofir at (nospam) sys-security dot com)
Meder Kydyraliev (meder at (nospam) o0o dot nu)