Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Passive OS Fingerprinting

Passive OS Fingerprinting 14 years 8 months ago #857

  • sahirh
  • sahirh's Avatar Topic Author
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 1700
  • Thank you received: 0
Passive OS fingerprinting is a technique used to discover what OS is running on a host without actively probing it by sending packets. This is particularly useful when you're sniffing some traffic and need to know what OS a particular machine is using.

Here is the link to an absolutely stellar paper by Toby Miller. It includes sample sniffed output from various OS's. Be warned, you should have a firm understanding of networking and how a raw packet looks before reading this paper. Its not for the weak hearted.

www.incidents.org/papers/OSfingerprinting.php

This technique is different from what many port/vulnerability scanners such as nMap ( www.insecure.org/nmap ) use to 'fingerprint' a remote host. Here, no packets are sent to the host being interrogated, making this a particularly stealthy detection method.

Some admins use this technique to gather information on attackers.. more on this later.

Happy reading

Please Log in to join the conversation.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
  • Page:
  • 1
Time to create page: 0.121 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup