Penetration Testing mailing list archives
Re: OS Fingerprints
From: Dragos Ruiu <dr () kyx net>
Date: Wed, 5 Oct 2005 18:53:35 -0700
This new talk coming at PacSec 05, seems like it will be of interest to the people who are interested in this thread. I'm told early results with their technique show promise. I'm looking forward to perusing their info myself. The slides will be posted in Japanese and English after the conference. Some additional information about the talk... Speaker: Javier Burroni, working at Core Security Technologies' Labs in Buenos Aires, Argentina Title: Using Neural Networks for remote OS identification Description: Remote operating system detection techniques based on fingerprint analysis are widely used in the penetration testing process. The first fingerprinting implementations were based on the analysis of differences between TCP/IP stack implementations. The next generation focused their analysis on the application layer data such as the DCE RPC endpoint information. Even though it was an advance in the information to work with some variation of the "best fit" algorithm was still used to interpret the new information. This strategy suffers from the weakness that it will not work in non-standard situations and the inability to extract the key elements which uniquely identify an operating system. The next step is to focus on the algorithm used to analyze the data rather than the data itself. Our new approach involves an analysis of the composition of the information collected during the OS identification process to identify elements and their relations. We have found that this produces better results under certain configurations. -- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan November 14-16 2005 http://pacsec.jp pgpkey http://dragos.com/ kyxpgp ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- OS Fingerprints BSK (Oct 05)
- Re: OS Fingerprints Franck Veysset (Oct 05)
- Re: OS Fingerprints Daniele Bellucci (Oct 05)
- RE: OS Fingerprints Omar (Oct 05)
- RE: OS Fingerprints JB (Oct 05)
- Re: OS Fingerprints GomoR (Oct 05)
- Re: OS Fingerprints Dragos Ruiu (Oct 06)
- Re: OS Fingerprints Nicolas Gregoire (Oct 05)
- Re: OS Fingerprints Francisco Pecorella (Oct 05)
- Re: OS Fingerprints Tim (Oct 05)
- Re: OS Fingerprints Joe Matusiewicz (Oct 05)
- RE: OS Fingerprints Omar A. Herrera (Oct 05)
- Re: OS Fingerprints Chuck (Oct 05)
- <Possible follow-ups>
- Re: OS Fingerprints Don Parker (Oct 05)
- RE: OS Fingerprints ankush.kapoor (Oct 05)
- Re: OS Fingerprints BSK (Oct 05)
- Re: OS Fingerprints sumit . siddharth (Oct 05)
(Thread continues...)