Penetration Testing mailing list archives
Re: OS Fingerprints
From: GomoR <sfml () gomor org>
Date: Wed, 5 Oct 2005 14:59:10 +0200
On Tue, Oct 04, 2005 at 03:07:27PM +0100, BSK wrote:
Dear All, Some time back I came across a document that listed a table with Operating systems and their TTL that helped identify an operating system. I've been trying to search that document on Internet and my machine but not successful yet. Can someone point me to that or similar document. Basically I'm looking for information which helps us identify the target operating system from its TTL field obtained while ping. The document for example listed that if the TTL is 128 its likely to be M$ and if its 64 its likely to be Cisco Router or switch. Await your reply. rgds, Bshan
Hello, if you want a simple trick to do OS fingerprinting, I suggest you to use the initial window size of a TCP session establishement. If you use that, you can create a table for each OS I've seen by parsing the file at: http://www.gomor.org/files/net-sinfp-db-export.txt Or better, use the database in SQLite format: DB Schema: http://www.gomor.org/files/net-sinfp-db-schema.ps DB: http://www.gomor.org/files/sinfp.db Or even better, use SinFP: http://www.gomor.org/cgi-bin/index.pl?mode=view;page=net_sinfp Best regards, -- ^ ___ ___ FreeBSD Network - http://www.GomoR.org/ <-+ | / __ |__/ Systems & Security Engineer | | \__/ | \ ---[ zsh$ alias psed='perl -pe ' ]--- | +--> Net::Packet <=> http://search.cpan.org/~gomor/ <--+ ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- OS Fingerprints BSK (Oct 05)
- Re: OS Fingerprints Franck Veysset (Oct 05)
- Re: OS Fingerprints Daniele Bellucci (Oct 05)
- RE: OS Fingerprints Omar (Oct 05)
- RE: OS Fingerprints JB (Oct 05)
- Re: OS Fingerprints GomoR (Oct 05)
- Re: OS Fingerprints Dragos Ruiu (Oct 06)
- Re: OS Fingerprints Nicolas Gregoire (Oct 05)
- Re: OS Fingerprints Francisco Pecorella (Oct 05)
- Re: OS Fingerprints Tim (Oct 05)
- Re: OS Fingerprints Joe Matusiewicz (Oct 05)
- RE: OS Fingerprints Omar A. Herrera (Oct 05)
- Re: OS Fingerprints Chuck (Oct 05)
- <Possible follow-ups>
- Re: OS Fingerprints Don Parker (Oct 05)
- RE: OS Fingerprints ankush.kapoor (Oct 05)
- Re: OS Fingerprints BSK (Oct 05)
(Thread continues...)