taken from bugtraq...

We are pleased to announce the immediate availability of Xprobe2 v0.2
rc1, which has been officially released at the Blackhat briefings USA

Xprobe2 is a remote active operating system fingerprinting tool with a
different approach to operating system fingerprinting. Information on
Xprobe2’s technology can be obtained from [1] and [2].

The new version of Xprobe2 introduces enhancements and advancements in
Xprobe2’s development.

Xprobe2 now includes:

- A TCP fingerprinting module (among the other fingerprinting modules
the tool uses)
- A Port Scanner
- An automatic receive timeout for Xprobe2's different modules
- The ability to completely control the tool’s operation
- A newly built signature database with over 160 signatures
- And other enhancements and fixes

Xprobe2 is more accurate then ever before, and the only active
operating system fingerprinting tool, which is able to uniquely
identify Microsoft Windows 2000 Server SP3, Microsoft Windows 2000
Server SP4, Microsoft Windows 2003 Server Enterprise Edition, and
Microsoft Windows 2003 Standard Edition.

The source code of Xprobe2 v0.2 rc1 can be found at:

MD5: e97cf2f230408a1ade8a6769125159f3
SHA1: 63ab6bdf0f6869d8c51dc0d372a43d373c1043bd

Xprobe2’s new version release is accompanied by a white paper titled:
“The Present and Future of Xprobe2 – The Next Generation of Active
Operating System Fingerprinting”. The white paper includes a detailed
description of the tool’s new features as well as a future development
plan and many examples for the tool usage.

The white paper can be downloaded from:

The presentation given at Blackhat USA 2003 and at Defcon 11 is
available from:
Ofir_Arkin_BH_USA_2003_v1.0.1.zip [~2.3mb]
Ofir_Arkin_BH_USA_2003_v1.0.1.ppt [~3.3mb]

Xprobe2 development team,

Ofir Arkin [ofir@sys-security.com]
The Sys-Security Group
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA

Fyodor Yarochkin [fygrave@tigerteam.net]

Meder Kydyraliev [Meder@areopag.net]

[1] http://www.sys-security.com/html/projects/X.html
[2] “xprobe2 - A 'Fuzzy' Approach to Remote Active Operating System
Fingerprinting”, Ofir Arkin & Fyodor Yarochkin, August 2002,