|
|
|
Date Submitted:
07/03/06
Hits: 43 Rating:  based on 0 votes
Know Your Enemy: Passive FingerprintingAdded by Papergrl
Description:
Traditionally, Operating System fingerprinting has been done using active tools, such as queso or nmap. These tools operate on the principle that every operating system's IP stack has its own idiosyncrasies. Specifically, each operating system responds differently to a variety of malformed packets. All one has to do is build a database on how different operating systems respond to different packets. Then, to determine the operating system of a remote host, send it a variety of malformed packets, determine how it responds, then compare these responses to a database. Fyodor's nmap is tool of choice when using this methodology.
Read the Complete Paper |