Version 0.2.2 fixes a number of bugs and introduces more features:
- Added a new fingerprinting module: TCP RST|ACK
- Added the keywords: 'icmp_echo_reply = [y,n]' and 'icmp_unreach_reply = [y,n]'
- Added TCP ports for the '-B' command line option which searches for an opened TCP port for the SYN|ACK module. The TCP ports queried are: 80, 443, 23, 21, 25, 22, 139, 445, 6000. A SYN request will be sent to a TCP port on the list only if the previous TCP port on the list is closed or not responding.
- Added a new experimental module for the detection of network obstacles between the scanning system to the target. The module is used together with the port scanner, and is enabled with the usage of a the '-A' command line option.
Changes made to the signature DB:
- The signature DB was updated to reflect the new R|A fingeprinting module and the new keywords introduces
- Added signature for Linux Kernel 2.6.10
- Added signature for Foundry Networks IronWare based devices versions 07.6.04aT51, 07.7.01eT53
- Added signatures for a number of HP JetDirect Printers
Unique abilities with Xprobe2 v0.2.2:
The ability to distinguish between the following groups of Linux Kernels:
2.4.0-2.4.3
2.4.4
2.4.5-2.4.18
2.4.19-2.4.28
2.6.0-2.6.7
2.6.8
2.6.9-2.6.10
The new version of xprobe2 can be downloaded from: http://prdownloads.sourceforge.net/xprobe/xprobe2-0.2.2.tar.gz?download
SHA-1: 2e32ba37e3e9495c635b8b93887d9a9634f0a54e MD5: 8eea1406d035827bb8bfeb0536622e1f
Yours, The Xprobe2 development team, Fyodor Yarochkin (fyodor at (nospam) o0o dot nu) Ofir Arkin (ofir at (nospam) sys-security dot com) Meder Kydyraliev (meder at (nospam) o0o dot nu)
