Announcement

Collapse
No announcement yet.

Passive Fingerprinting

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Passive Fingerprinting

    First time poster, long time reader :)

    I just started reading Windows 2k Exposed and wanted to learn more about Passive Fingerprinting. I did a google search and came up with a few different articles that were good, but I was wondering if anyone here had any good books or articles that might help me learn a little more.

    Thanks for the help in advance,

    Mickx27
    Tags: None
  • #2
    Re: Passive Fingerprinting

    Originally posted by Mickx27
    First time poster, long time reader :)



    I just started reading Windows 2k Exposed and wanted to learn more about Passive Fingerprinting. I did a google search and came up with a few different articles that were good, but I was wondering if anyone here had any good books or articles that might help me learn a little more.



    Thanks for the help in advance,



    Mickx27

    Well, there's really three things at issue here:

    1) What it is
    2) How to do it (which is generally a list of software capable of it)
    3) What are the known fingerprints (a laundry list of single packet contents and multi-packet patterns)

    Which are you interested in, exactly?
    http://bitshift.org

    Comment

    • #3
      I think the more important of them being... what exactly are you trying to fingerprint? OS usage? service/daemon usage?
      if it gets me nowhere, I'll go there proud; and I'm gonna go there free.

      Comment

      • #4
        Re: Re: Passive Fingerprinting

        Originally posted by urban
        Well, there's really three things at issue here:

        1) What it is
        2) How to do it (which is generally a list of software capable of it)
        3) What are the known fingerprints (a laundry list of single packet contents and multi-packet patterns)

        Which are you interested in, exactly?
        Thanks for the response Urban,

        1) I think I know what it is. From my understanding its ways to find out what you're dealing with. Who's answering you're knock.

        2) I got a good idea on how to do it.. i just have never tried myself...yet. From my understanding Active is going up to the front door and knocking and when someone answers you can see who they are, and Passive is knocking without anyone knowing, and still be able to see who they are.

        (sorry I don't know how else to write it)

        I also understand about the differences in TTL, Window Size, Don't Fragment bit, and TOS signatures. But I don't know them well enough. I got a good chart started by someone already

        Chart

        But I would like to make one of my own.

        3) I am just learning about fingerprinting so the only two I have heard of is Active and Passive. I would like to focus on Passive for the moment but I am sure I would like to learn Active as well.

        I hope that makes sense :)

        Thanks again

        Mickx27
        Last edited by Mickx27; July 8, 2003, 14:33.

        Comment

        • #5
          Originally posted by converge
          I think the more important of them being... what exactly are you trying to fingerprint? OS usage? service/daemon usage?
          ***EDIT***

          OS and Services

          Here is a nother link I was reading.

          Link

          Maybe I am still being to general :(

          Thanks,

          Mickx27
          Last edited by Mickx27; July 8, 2003, 15:07.

          Comment

          Previous template Next
          Working...
          X