Hacking Class 5 - Scanning and FingerPrinting ContinuesIn the Previous class I have discussed the very basic things about scanning and two most important scanning tools namely NMAP and Nettools. Now we continue our discussion on the Scanning ...
Now we Discuss some internal and advanced scanning Methods..
First of Which is OS Fingerprinting...
What is OS Fingerprinting ??
OS fingerprinting is the method to determine the operating system that is running on the target system.
The two different types of fingerprinting are:
• Active stack fingerprinting
• Passive fingerprinting
Active Stack FingerPrinting:
Based on the fact that OS vendors implement the TCP stack differently.Specially crafted packets are sent to remote OSs and response is noted. The responses are then compared with a database to determine the OS.
Passive banner grabbing refers to indirectly scanning a system to reveal its server’s operating system.
It is also based on the differential implantation of the stack and the various ways an OS responds to it.
It uses sniffing techniques instead of the scanning techniques. It is less accurate than active fingerprinting.
TOOL USED FOR OS FINGERPRINTING :p0f Os Fingerprinting Tool
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
- machines that connect to your box (SYN mode),
- machines you connect to (SYN+ACK mode),
- machine you cannot connect to (RST+ mode),
- machines whose communications you can observe.
P0f can also do many other tricks, and can detect or measure the following:
- firewall presence, NAT use (useful for policy enforcement),
- existence of a load balancer setup,
- the distance to the remote system and its uptime,
- other guy’s network hookup (DSL, OC3, avian carriers) and his ISP.
We will continue class on scanning in the evening...Today I will explain more about scanning.. So wait for Next article...
If You Have Any Queries ask Me ... I will Help You