Detect OS using IP address?

apit
Topic Author
Offline
Premium Member

18 years 5 months ago #11370 by apit

Detect OS using IP address? was created by apit

can we detect operating system just using ip address?
how to do it?
since i'm sys admin at my company,this is important to me to monitor all user Operating system

DaLight
Offline
Platinum Member

18 years 5 months ago #11379 by DaLight

Replied by DaLight on topic Re: Detect OS using IP address?

Using network scanners such as Nmap , it is pretty easy to scan a range of IPs and determine the operating systems running on the machines.

apit
Topic Author
Offline
Premium Member

18 years 5 months ago #11383 by apit

Replied by apit on topic Re: Detect OS using IP address?

if we scan from inside and outside the network, is it display with the same result?

FallenZer0
Offline
Premium Member

18 years 5 months ago #11387 by FallenZer0

Replied by FallenZer0 on topic Re: Detect OS using IP address?

if we scan from inside and outside the network, is it display with the same result?

Why in the first place you would want inbound traffic from untrusted sources be given the ability to scan your networks?

Why would you give rights/permissions to users inside to install software so they can do OS Finger Printing?

I would think user be given only rights to do their job.

Lets say an Intelligent user works around to do OS FingerPrinting.
He should then find the Vulnerabilities to exploit it. Isn't it you job to make sure all the holes are closed?

I don't have real world experinces and the above is purely from my common sense approach and I'm sure you can find more creative ways of protecting your networks as there are people in this world.

-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle

nske
Offline
Elite Member

18 years 5 months ago #11395 by nske

Replied by nske on topic Re: Detect OS using IP address?

if we scan from inside and outside the network, is it display with the same result?

If the addresses that you scan are routable from the outside and no filtering takes place, then the results would be the same. OS fingerprinting techniques rely on the exchange of packets, by collecting information both from unique patterns and behaviours of each OS's tcp/ip stack, and from checking information graciously provided from software services' banners.

It is not any distinguishable (filterable) kind of inbound traffic used for OS fingerprinting, so if you want any service to be available publicly then this is enough for anyone to take an educated guess about the OS answering. However, since firewalls and nat devices can mess with some of the fingerprinting techniques, you should get more accurate and specific results by scanning from within the network.

The software than Dalight suggested, nmap, implements probably the most efficient method combination for OS fingerprinting and it should be your first choise!