MingSweeper 1.00 alpha 5 (build 130)
=======================================

General
=======

Works best on Windows 2000 and XP. Will run OK on NT 4.0 (service pack 4 and above) but without raw socket functions such as half-scans and OS detection.

OS detection utilises both Fyodors NMAP style of OS fingerprinting and ICMP OS fingerprinting as discussed in the Ofir Arkin ICMP paper. Mingsweeper can use (and import) NMAP fingerprint files although these fingerprints will not contain ICMP information.

Installation
============

1 Extract all files in archive to desired directory
2 [Win 2000 and above only] Double-click the file 'EnableUserTOS.reg' to enable user specifed TOS values for raw IP packets. This allows Mingsweeper to send IP packets with non standard TOS values which is necessary for accurate OS fingerprinting. This requires a reboot to take effect.

Usage Notes
===========

1 OS Detection and raw scan types (SYN,FIN,NULL,XMAS and ACK) require Windows 2000 or XP
2 All fingerprints taken are written to the 'Unknown Fingerprints' folder, this is a test thing
3 All activity is written to a timestamped log file in the 'logs' folder
4 Hardly any error checking on user inputs yet, be careful
5 Some bugs, be warned
6 On multi-homed NT4 machines you may need to specify your select your source interface from the list (in the options tab)
7 Target specification is a comma delimited list of either hostnames, ip addresses or ip address ranges as follows :
	target.hoobie.net	(target single node target.hoobie.net)
	192.168.0.10		(target single node 192.168.0.10)
	192.168.0.*	 	(target class C 192.168.0.x)
	192.168.0.1-127    	(target from 192.168.0.1 to 192.168.0.127 inclusive)
	172.16-23.*.*		(target all nodes from 172.16.0.0 to 172.23.255.255 inclusive)
	*.*.*.*			(target the world! - Don't do this without permission and lots of memory/time)
  These could be combined on a single line as follows :
	192.168.1-10.*,192.168.11-255.1,target.hoobie.net,172.16-23.*.1



=====

Greg <greg-minger@hoobie.net>
August 2001




