From: Preston (p@altmode.com)
Date: Wed Jul 09 2003 - 12:30:54 EDT
Release v1.2 of Disco - Passive IP Discovery and fingerprinting tool
available for download.
Disco is a passive IP discovery utility designed to uniquely identify
source IPs and fingerprint TCP SYN and now TCP SYNACK packets for host OS.
Disco Features
* Uniquely identify source IPs on the network
* Toggle discovery of only TCP SYN or SYNACK packets and fingerprint
* Ability to toggle fingerprint on/off
* Output data to a flat text file
* Define TCPDUMP style rules to filter on a subnet or range of IPs
* Able to turn "uniqueness" off when fingerprinting for fingerprinting
all TCP SYN or SYNACK packets
* Parse a previously saved TCPDUMP file through DISCO
* Option to add a system timestamp to output file
* Pipe output to another program
* New v1.2 Option to fingerprint SYNACK packets
* New v1.2 Option to output more verbose fingerprint info to outfile
* New v1.2 Added a ton of new fingerprints (1214 SYN/SYNACK
fingerprints total)
See http://www.altmode.com/disco for download
Thanks,
Preston
---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.
Visit Tenable Network Security at http://www.tenablesecurity.com to learn
more.
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:36 EDT