August 8th, 2003, 05:32 PM
Xprobe2 0.2rc1 release
taken from bugtraq...
We are pleased to announce the immediate availability of Xprobe2 v0.2
rc1, which has been officially released at the Blackhat briefings USA
Xprobe2 is a remote active operating system fingerprinting tool with a
different approach to operating system fingerprinting. Information on
Xprobe2’s technology can be obtained from  and .
The new version of Xprobe2 introduces enhancements and advancements in
Xprobe2 now includes:
- A TCP fingerprinting module (among the other fingerprinting modules
the tool uses)
- A Port Scanner
- An automatic receive timeout for Xprobe2's different modules
- The ability to completely control the tool’s operation
- A newly built signature database with over 160 signatures
- And other enhancements and fixes
Xprobe2 is more accurate then ever before, and the only active
operating system fingerprinting tool, which is able to uniquely
identify Microsoft Windows 2000 Server SP3, Microsoft Windows 2000
Server SP4, Microsoft Windows 2003 Server Enterprise Edition, and
Microsoft Windows 2003 Standard Edition.
The source code of Xprobe2 v0.2 rc1 can be found at:
Xprobe2’s new version release is accompanied by a white paper titled:
“The Present and Future of Xprobe2 – The Next Generation of Active
Operating System Fingerprinting”. The white paper includes a detailed
description of the tool’s new features as well as a future development
plan and many examples for the tool usage.
The white paper can be downloaded from:
The presentation given at Blackhat USA 2003 and at Defcon 11 is
Xprobe2 development team,
Ofir Arkin [email@example.com]
The Sys-Security Group
PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA
Fyodor Yarochkin [firstname.lastname@example.org]
Meder Kydyraliev [Meder@areopag.net]
 “xprobe2 - A 'Fuzzy' Approach to Remote Active Operating System
Fingerprinting”, Ofir Arkin & Fyodor Yarochkin, August 2002,
yeah, I\'m gonna need that by friday...