TCP/IP stack fingerprinting

         There was a new blog called ” Researcher fingerprinters networks to find rogue hardware” just posted, I was interested in something about fingerprinter. After researching, I found the TCP/IP stack fingerprintingfrom Wikipedia. The definition from Wikipedia is “it is the passive collection of configuration attributes from a remote device during standard  layer 4 network communications.”

          This is the new way for hacker to detect imformation from remote system.If you dont know what the OS is running in target system ,it is difficult to perform operations on the target system,it can not detemine the existence of security vulnerabilities ,let alone attack.

         At the beginning hackers often uses some simple detection methods to gain the target system information,such as using http program,DNS,or SNMP to get a lot of useful information. But later,in the long struggle against the invasion and anti invasion ,using this simple means to get less and less information. In this case ,the simple approach has been very difficult to work,so there is a tcp/ip stack fingerprinting.

               In the different operating systems,or different versions of different operaring system, it will set different defaults of some values. and those values can help you to detect the information from target machines.

                I think it is good for us to know something about TCP/IP stack fingerprinting.Research this technology for improving system security and the ability to resist the invasion has inportant significance.

link to;blog-list-river

This entry was posted in IT Security, Week 19. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s