[fw-wiz] Tool Release: Xprobe2 0.2

From: Ofir Arkin (ofir_at_sys-security.com)
Date: 10/13/03

  • Next message: hermit921: "Re: [fw-wiz] [OT] tcpdump parsing"
    To: firewall-wizards@honor.icsalabs.com
    Date: Mon, 13 Oct 2003 17:22:02 +0200

    We are pleased to announce the immediate availability of Xprobe2 v0.2,
    which has been officially released at the Blackhat Federal 2003.

    Xprobe2 is a remote active operating system fingerprinting tool with a
    different approach to operating system fingerprinting. Information on
    Xprobe2’s technology can be obtained from [1], [2], and [3].

    The new version of Xprobe2 introduces enhancements and advancements in
    Xprobe2’s development.

    Xprobe2 now supports:

    - Automatic Signature Generation
    - XML based output
    - The TCP Options Timestamp Fingerprinting method (first to be
    introduced at Blackhat USA 2003)

    The source code of Xprobe2 v0.2 can be found at:

    MD5 (xprobe2-0.2.tar.gz) = ca723a7e4c8c5001191efdb43e63bbee
    SHA1 (xprobe2-0.2.tar.gz) = fc7231dbe1de518b49d15b8677a0b65661312cb4

    For more information about Xprobe2 0.2 new features please see the
    presentation given at Blackhat Federal 2003:
    Ofir_Arkin_BH_FEDERAL.ppt [~600k]

    Xprobe2 development team,

    Ofir Arkin [ofir@sys-security.com]
    The Sys-Security Group
    PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA

    Fyodor Yarochkin [fygrave@tigerteam.net]

    Meder Kydyraliev [Meder@areopag.net]

    [1] http://www.sys-security.com/html/projects/X.html
    [2] “xprobe2 - A 'Fuzzy' Approach to Remote Active Operating System
    Fingerprinting”, Ofir Arkin & Fyodor Yarochkin, August 2002,
    [3] “The Present and Future of Xprobe2 – The Next Generation of Active
    Operating System Fingerprinting”, Ofir Arkin, Fyodor Yarochkin, Meder
    Kydyraliev, July 2003,

    firewall-wizards mailing list

  • Next message: hermit921: "Re: [fw-wiz] [OT] tcpdump parsing"