IV Needle Injecting Tech into the Vein

16May/090

Nmap OS Fingerprinting

Active OS Fingerprinting (Gen1) - Nmap versions <>TCP Sequence Prediction

  • SYN packet to open port
  • NULL packet to open port
  • SYN|FIN|URG|PSH packet to open port
  • ACK packet to open port
  • SYN packet to closed port
  • ACK packet to closed port
  • FIN|PSH|URG packet to closed port
  • UDP packet to closed port

    • Nmap Gen2 Active OS Fingerprinting (> 30 different methods/tests, invoked with -O or -O2)

    • TCP ISN greatest common denominator (GCD)
    • TCP ISN counter rate (ISR)
    • TCP IP ID sequence generation algorithm (TI)
    • ICMP IP ID sequence generation algorithm (II)
    • Shared IP ID sequence boolean (SS)
    • TCP timestamp option algorithm (TS)
    • TCP initial window size (W, W1 - W6)
    • IP don’t fragment bit (DF)
    • IP initial time-to-live guess (TG)
    • Explicit congestion notification (CC)
    Filed under: Uncategorized Leave a comment
    Comments (0) Trackbacks (0)

    No comments yet.


    Leave a comment

    No trackbacks yet.

    » «

    Calendar

    May 2009
    S M T W T F S
        Jun »
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  

    Pages

    Recent Posts

    Meta

    Tags

    about config analysis banned ports bluetooth cheat sheet dell dig dns dnsstuff enigma firefox Forensics gmail reader hd high definition interrogation jaunty microsoft 5000 mini mouse netcat nslookup password rainmeter resolution royale noir share shared folder ssh symbolic link theme traceroute tunneling ubuntu vi vim virtualbox volatile whois windows windows xp

    Categories