Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Faking OS fingerprinting in Windows

From: "Christian Wendell Gueco" <velox () consultant com>
Date: Mon, 13 Jun 2005 12:48:43 +0800
Hello,

While doing an OS fingerprint to a client using nmap, the system was fingerprinted to :

Panasonic IP Technology Broadband Networking Gateway, KX-HGW200

I am assuming that this results are caused by a IP stack manipulation tool of some sort running on a Windows platform 
since this server has an ASP website hosted. I would like to ask on any tools that runs on Windows that can perform 
such a task. I have research such tools but all of them run on Linux systems.

Another thing to assume, is it possible that a device prior to the server (i.e. inline IDS or firewall) is capable of 
manipulation the IP Personality (i.e. its header values incl TCP) to mislead any OS fingerprinting mechanism. Are there 
such features on opensource and commercial devices?

Any information is gladly appreciated. Thanks!

- velox

====================================
Certified Geek
Email: velox_at_consultant_dot_com



-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm
Previous By Date Next
Previous By Thread Next

Current thread: