Re: OS Fingerprints
From: GomoR (sfml_at_gomor.org)
Date: 10/05/05
- Previous message: JB: "RE: OS Fingerprints"
- In reply to: BSK: "OS Fingerprints"
- Next in thread: Dragos Ruiu: "Re: OS Fingerprints"
- Reply: Dragos Ruiu: "Re: OS Fingerprints"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 5 Oct 2005 14:59:10 +0200 To: pen-test@securityfocus.com
On Tue, Oct 04, 2005 at 03:07:27PM +0100, BSK wrote:
> Dear All,
>
> Some time back I came across a document that listed a
> table with Operating systems and their TTL that helped
> identify an operating system.
>
> I've been trying to search that document on Internet
> and my machine but not successful yet. Can someone
> point me to that or similar document.
>
> Basically I'm looking for information which helps us
> identify the target operating system from its TTL
> field obtained while ping. The document for example
> listed that if the TTL is 128 its likely to be M$ and
> if its 64 its likely to be Cisco Router or switch.
>
> Await your reply.
>
> rgds,
> Bshan
Hello,
if you want a simple trick to do OS fingerprinting, I
suggest you to use the initial window size of a TCP session
establishement.
If you use that, you can create a table for each OS I've
seen by parsing the file at:
http://www.gomor.org/files/net-sinfp-db-export.txt
Or better, use the database in SQLite format:
DB Schema:
http://www.gomor.org/files/net-sinfp-db-schema.ps
DB:
http://www.gomor.org/files/sinfp.db
Or even better, use SinFP:
http://www.gomor.org/cgi-bin/index.pl?mode=view;page=net_sinfp
Best regards,
-- ^ ___ ___ FreeBSD Network - http://www.GomoR.org/ <-+ | / __ |__/ Systems & Security Engineer | | \__/ | \ ---[ zsh$ alias psed='perl -pe ' ]--- | +--> Net::Packet <=> http://search.cpan.org/~gomor/ <--+ ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
- Previous message: JB: "RE: OS Fingerprints"
- In reply to: BSK: "OS Fingerprints"
- Next in thread: Dragos Ruiu: "Re: OS Fingerprints"
- Reply: Dragos Ruiu: "Re: OS Fingerprints"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
