Penetration Testing mailing list archives
Re: Application-based fingerprinting ?
From: Bill Pennington <billp () boarder org>
Date: Tue, 4 Feb 2003 10:18:47 -0800
Jeremiah Grossman did a talk at BlackHat Singapore on Web Server fingerprinting. You can find it here - http://www.whitehatsec.com/presentations.html
I also recall a tool that did the same for BIND servers but I can't remember its name right now.
On Monday, February 3, 2003, at 11:22 PM, Anders Thulin wrote:
Hi!Fingerprinting a TCP stack seems a fairly well understood technique bynow, and there are several tools, more or less developed, for the task: nmap, ring, ICMP-based techniques, etc. A recent glance over the output from a dozen different finger servers suggests that fingerprinting might be done fairly well on application level, too, although possibly not always as exactly as for TCP/IP-based techniques: applications are easier to move around than TCP stacks are. Have there been any attempts to explore this area further? I've googled around, but not found anything obvious, except for observations of some fingerprints, such as responses to DNS SERVER_STATUS_REQUEST (a few respond with something else than 'not implemented'), and so on.-- Anders Thulin anders.thulin () kiconsulting se 040-661 50 63Ki Consulting AB, Box 85, SE-201 20 Malmö, Sweden----------------------------------------------------------------------- ----- This list is provided by the SecurityFocus Security Intelligence Alert (SIA)Service. For more information on SecurityFocus' SIA service whichautomatically alerts you to the latest security vulnerabilities please see:https://alerts.securityfocus.com/
--- Bill Pennington, CISSP, CCNA Senior Information Security Engineer WhiteHat Security Inc. http://www.whitehatsec.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Application-based fingerprinting ? Anders Thulin (Feb 04)
- Re: Application-based fingerprinting ? Dave Aitel (Feb 04)
- Re: Application-based fingerprinting ? Eugene Tsyrklevich (Feb 04)
- Re: Application-based fingerprinting ? Paul Cardon (Feb 04)
- Re: Application-based fingerprinting ? Chris Reining (Feb 04)
- Re: Application-based fingerprinting ? Bill Pennington (Feb 05)
- Re: Application-based fingerprinting ? Javier Fernandez-Sanguino (Feb 10)
- <Possible follow-ups>
- RE: Application-based fingerprinting ? Skyler King (Feb 04)
- Re: Application-based fingerprinting ? Joris De Donder (Feb 04)
- Re: Application-based fingerprinting ? skyper (Feb 05)