It is possible to do a basic fingerprinting without using specific softwares.
An easy way to recognize the OS running on a machine is to ping it.
Depending on the value of the TTL contained in the reply packet, it is possible to guess the OS.
Each manufacturer has implemented a different version of the TCP/IP stack (they accomplish the same functions, but some values are different, as the TTL value).
For example, if the TTL in the reply from the same datalink is equal to 255, the reply may be sent by a Cisco IOS router.
I specified "from the same datalink", because if not, then the TTL will be decreased at each router.
No comments:
Post a Comment