Saturday, May 16, 2009

Nmap OS Fingerprinting

Active OS Fingerprinting (Gen1) - Nmap versions <>
  • TCP Sequence Prediction
  • SYN packet to open port
  • NULL packet to open port
  • SYN|FIN|URG|PSH packet to open port
  • ACK packet to open port
  • SYN packet to closed port
  • ACK packet to closed port
  • FIN|PSH|URG packet to closed port
  • UDP packet to closed port

Nmap Gen2 Active OS Fingerprinting (> 30 different methods/tests, invoked with -O or -O2)
  • TCP ISN greatest common divisor (GCD)
  • TCP ISN counter rate (ISR)
  • TCP IP ID sequence generation algorithm (TI)
  • ICMP IP ID sequence generation algorithm (II)
  • Shared IP ID sequence boolean (SS)
  • TCP timestamp option algorithm (TS)
  • TCP initial window size (W, W1 - W6)
  • IP don't fragment bit (DF)
  • IP initial time-to-live guess (TG)
  • Explicit congestion notification (CC)
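
A defender-side check built on the Gen1 probe list above, as an added example that is not part of the original post: it flags sources that send two or more of the listed odd flag combinations (NULL, SYN|FIN|URG|PSH, FIN|PSH|URG) to one host within a short window. The packet tuple layout, the 5-second window and the threshold of two are assumptions, and the sample packets are constructed.

```python
from collections import defaultdict

# TCP flag bits
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# Flag combinations from the Gen1 list that ordinary connection handling
# does not produce; the SYN, ACK and UDP probes are not covered here.
ODD_PROBES = {
    0: "NULL",
    SYN | FIN | URG | PSH: "SYN|FIN|URG|PSH",
    FIN | PSH | URG: "FIN|PSH|URG",
}

def find_fingerprinting_sources(packets, window=5.0, min_kinds=2):
    """Return {src: sorted probe names} for sources that sent at least
    min_kinds distinct odd-flag probes to one target within window seconds."""
    seen = defaultdict(list)  # (src, dst) -> [(timestamp, probe name)]
    for ts, src, dst, dport, flags in packets:
        name = ODD_PROBES.get(flags & 0x3F)  # ignore ECE/CWR bits
        if name:
            seen[(src, dst)].append((ts, name))
    alerts = {}
    for (src, dst), hits in seen.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):
            kinds = {n for t, n in hits[i:] if t - start <= window}
            if len(kinds) >= min_kinds:
                alerts[src] = sorted(kinds | set(alerts.get(src, [])))
                break
    return alerts

# Constructed sample: (timestamp, src, dst, dst port, TCP flags)
SAMPLE = [
    (0.00, "192.0.2.10", "198.51.100.5", 22, SYN),
    (0.10, "192.0.2.10", "198.51.100.5", 22, 0),
    (0.20, "192.0.2.10", "198.51.100.5", 22, SYN | FIN | URG | PSH),
    (0.30, "192.0.2.10", "198.51.100.5", 22, ACK),
    (0.40, "192.0.2.10", "198.51.100.5", 1, FIN | PSH | URG),
    (3.00, "192.0.2.77", "198.51.100.5", 443, SYN),
    (3.05, "192.0.2.77", "198.51.100.5", 443, ACK),
    (9.00, "192.0.2.99", "198.51.100.5", 80, 0),  # lone NULL: below threshold
]

if __name__ == "__main__":
    for src, kinds in find_fingerprinting_sources(SAMPLE).items():
        print(src, "sent odd-flag probes:", ", ".join(kinds))
```

The SYN, ACK and UDP probes in the list look like ordinary traffic by flags alone, so catching them needs connection state or port-state knowledge that this check does not keep.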
