Security Incidents mailing list archives
Re: Strange ICMP timestamp replies
From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Tue, 16 Jan 2001 13:46:09 -0500
On Tue, 16 Jan 2001, Florian Weimer wrote:
These are ICMP timestamp replies, I think. Does anybody know why somebody sends such packets? You can hardly do OS fingerprinting using ICMP timestamp replies.
as a matter of fact you can play with ICMP to do host discovery and generic OS detection: http://www.sys-security.com/archive/papers/ICMP_Scanning_v2.5.pdf hope this helps, ____________________________ jose nazario jose () cwru edu PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu)
Current thread:
- Strange ICMP timestamp replies Florian Weimer (Jan 16)
- Re: Strange ICMP timestamp replies Jose Nazario (Jan 16)
- Message not available
- Re: Strange ICMP timestamp replies Florian Weimer (Jan 16)