Penetration Testing mailing list archives
Re: Identifying Windows O/S & SP
From: Roger Dodger <random_alphanumeric_characters () yahoo com>
Date: Wed, 24 Aug 2005 22:18:21 -0700 (PDT)
How about trusty ol'Nmap nmap -P0 -O -T Paranoid <ip address> I didn't do a packet count but should avoid IDS in paranoid mode... Cheers, RAC ----Original Message----- From: L3wD [mailto:l3wd () earthlink net] Sent: Wednesday, August 24, 2005 6:53 PM To: pen-test () securityfocus com Subject: Identifying Windows O/S & SP I am looking for a method of correctly identifying Windows O/S Versions and Service Packs remotely. Here are my restrictions: - Performed Remotely (not in same broadcast domain) - No Admin Rights on Remote Box - No Username/Password on Remote Box - VERY Few Packets Generated (excluding TCP 3-way handshake) - Ability to **AVOID** IDS Detection My preferences are for something that is command line based, and can be run from a Linux platform. I'll take something GUI based or Windows based if that is all there is. Multiple tools are fine, as long as the number of packets generated are very low. I've taken a look at Winfingerprint 0.6.2 with only the Win32 OS Version option selected, but it generates 70+ packets which is too loud for my purposes. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Current thread:
- Identifying Windows O/S & SP L3wD (Aug 24)
- Re: Identifying Windows O/S & SP Jayson Anderson (Aug 26)
- Re: Identifying Windows O/S & SP Ivan . (Aug 26)
- Re: Identifying Windows O/S & SP Gustavo de Jesús Barrientos Guerrero (Aug 26)
- Re: Identifying Windows O/S & SP AdamT (Aug 26)
- <Possible follow-ups>
- Re: Identifying Windows O/S & SP ekamerling (Aug 26)
- Re: Identifying Windows O/S & SP Roger Dodger (Aug 26)