Re: Application-based fingerprinting ?

From: Joris De Donder (joris@digitaldefense.be)
Date: Tue Feb 04 2003 - 16:27:06 EST

• Next message: Jason Lewis: "Using ARP to map a network"
• Previous message: Rod Strader: "Routes that are susceptible to SNMP"
• Maybe in reply to: Anders Thulin: "Application-based fingerprinting ?"
• Next in thread: skyper: "Re: Application-based fingerprinting ?"
• Reply: skyper: "Re: Application-based fingerprinting ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

>Have there been any attempts to explore this area further?

http://www.thehackerschoice.com/releases.php

"THC-RUT comes with a OS host Fingerprinter which determines the remote
 OS by open/closed port characteristics, banner matching and nmap
 fingerprinting techniques (T1, tcpoptions)."

"Amap is a next-generation scanning tool, it identifies applications
 and services even if they are not listening on the default port by
 creating a bogus-communication."

Joris

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Jason Lewis: "Using ARP to map a network"
• Previous message: Rod Strader: "Routes that are susceptible to SNMP"
• Maybe in reply to: Anders Thulin: "Application-based fingerprinting ?"
• Next in thread: skyper: "Re: Application-based fingerprinting ?"
• Reply: skyper: "Re: Application-based fingerprinting ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:27 EDT