RE: OS Fingerprint?
From: Black, Braden (BBlack@VSCat.com)Date: 08/06/01
- Previous message: Rafael 'Dido' Sevilla: "Tools to detect promiscuous interfaces?"
- Maybe in reply to: Michael: "OS Fingerprint?"
- Next in thread: acz [iSecureLabs]: "RE: OS Fingerprint?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <5A223F8E6A58D31198CA00805F952B130667A334@vsc-exchange.limited.com> From: "Black, Braden" <BBlack@VSCat.com> To: security-basics@securityfocus.com, "'ovr3@arnix.net'" <ovr3@arnix.net> Subject: RE: OS Fingerprint? Date: Mon, 6 Aug 2001 11:33:03 -0400
The methods used for getting your OS fingerprint vary. Some scanners simply
connect to listening ports and grab the banner / header info (if any) to try
to determine OS and service type/version, etc. Other, more sophisticated
methods involve analysis of the TCP/IP replies from the target host. For
more information on TCP/IP fingerprinting, read fyodor's paper at
http://www.insecure.org/nmap/nmap-fingerprinting-article.html. Check out
this article as well, as it describes how to defeat TCP/IP OS
fingerprinting:
http://www.usenix.org/publications/library/proceedings/sec2000/smart.html.
Hope this helps.
- Braden
-----Original Message-----
From: Michael [mailto:ov3r@arnix.net]
Sent: Thursday, August 02, 2001 7:00 PM
To: security-basics@securityfocus.com
Subject: OS Fingerprint?
I was wondering what was the best way to change your OS fingerprint to
get a few
spare moments on an attack. If there was actually a website that could
give you
multiple ways that would be great also if someone knew. Thanks
-- Arnix Security, Inc. Michael Olden
- Previous message: Rafael 'Dido' Sevilla: "Tools to detect promiscuous interfaces?"
- Maybe in reply to: Michael: "OS Fingerprint?"
- Next in thread: acz [iSecureLabs]: "RE: OS Fingerprint?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
